CS0-003 Security Operations • Set 4
CS0-003 Security Operations Practice Test 4 — 15 questions with explanations. Free, no signup.
A WAF generates repeated SQL injection alerts against a login endpoint. The application team says the requests returned HTTP 200. What should the analyst do before declaring compromise? In the detection engineering phase, which detection or tuning approach would reduce noise without losing the signal?