A security analyst reviews the following output:
The analyst loads the hash into the SIEM to discover if this hash is seen in other parts of the network. After inspecting a large number of files, the security analyst reports the following:
Which of the following is the MOST likely cause of the hash being found in other areas?
A. Jan Smith is an insider threat
B. There are MD5 hash collisions
C. The file is encrypted
D. Shadow copies are present
Â
Suggested Answer: B
This question is in SY0-501 Exam
For getting CompTIA Security+ certificate
Disclaimers:
The website is not related to, affiliated with, endorsed or authorized by CompTIA.
Trademarks, certification & product names are used for reference only and belong to CompTIA.
The website does not contain actual questions and answers from CompTIA's Certification Exams.
