CS0-003 Security Operations • Set 8
CS0-003 Security Operations Practice Test 8 — 15 questions with explanations. Free, no signup.
A security analyst is reviewing a SIEM alert indicating a high number of failed authentication attempts from a single IP address against multiple user accounts. The analyst checks the logs and finds the IP belongs to a known vulnerability scanner used by the internal security team. How should the analyst classify this alert?