CS0-003 Security Operations • Set 11
CS0-003 Security Operations Practice Test 11: 15 questions with explanations.
A security analyst is reviewing a SIEM alert that triggered on a known malicious IP address communicating with an internal server. The analyst checks the threat intelligence feed and confirms the IP is associated with a command-and-control server. What type of alert is this?