ExamTopics Logo
Mail Us[email protected]
Menu
Comptia Discussions
exam questions

Exam CS0-001 All Questions

View all questions & answers for the CS0-001 exam
Go to Exam

Exam CS0-001 topic 1 question 314 discussion

Actual exam question from CompTIA's CS0-001
Question #: 314
Topic #: 1
[All CS0-001 Questions]

A company's IDP/DLP solution triggered the following alerts:

Which of the following alerts should a security analyst investigate FIRST?

  • A. A
  • B. B
  • C. C
  • D. D
  • E. E
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by PGV1515 at May 19, 2020, 4:33 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
s3curity1
Highly Voted 5 years ago
shouldn't this be letter B? the text pattern appears to be credit card data, so it might be a PCI data breach. Letter D only looks like some kind of port scan because of the detection of XMAS packet
upvoted 6 times
kkarri
4 years, 8 months ago
not to forget that the solution detecting the pattern is a DLP, so it make sense it should be B.
upvoted 2 times
...
...
lloydxmas
Most Recent 4 years, 11 months ago
I think D is correct because it was a local address 192.168.233.18 sending out an XMAS Scan to SMB port on another local IP 172.16.15.233
upvoted 1 times
Toyeeb
4 years, 10 months ago
Thats more of a reason it should be B. It signifies that someone in the organization is performaning the Xmas attack. It could be a security Analyst or a pen tester.
upvoted 2 times
...
...
mejt
5 years ago
Maybe looking at a DDoS scenario...
upvoted 1 times
...
shoop
5 years ago
I'm thinking exfil by ftp or ssh --- unclear whether the connection is established or not. Xmas packet shouldn't matter, as it's only a scan with all flags on
upvoted 1 times
Blind_Hatred
4 years, 11 months ago
Because it says "attempted" I'm assuming it wasn't established.
upvoted 1 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel