ExamTopics Logo
Mail Us[email protected]
Menu
Palo-Alto-Networks Discussions
exam questions

Exam PCCET All Questions

View all questions & answers for the PCCET exam
Go to Exam

Exam PCCET topic 1 question 117 discussion

Actual exam question from Palo Alto Networks's PCCET
Question #: 117
Topic #: 1
[All PCCET Questions]

What should a security operations engineer de when reviewing suspicious, but successful, login activity?

  • A. Immediately disable the suspicious user until they conclude their investigation.
  • B. Look for other types of suspicious activity in the moments before or after the login.
  • C. Inspect the network firewall for any open ports and include those in their investigation.
  • D. Review who else was logged in at the same time and inspect all active user accounts.
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by mkucuk89 at Jan. 19, 2024, 6:18 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
mkucuk89
9 months, 2 weeks ago
Selected Answer: B
B. Look for other types of suspicious activity in the moments before or after the login.
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago