CS0-003 • Practice Test 30
Free CS0-003 practice test — 15 questions with explanations. Set 30. No signup required.
A company uses a SIEM platform that ingests logs from various sources. The SOC team receives an alert for a high number of failed login attempts (over 100 in 5 minutes) on the domain controller from a single IP address. The analyst investigates and finds that the failed attempts are for multiple different usernames, including some disabled accounts. The source IP is traced to an external VPN service. The analyst also notices that a few accounts had successful logins from the same IP after the failed attempts. Which of the following is the MOST likely attack type?