CS0-003 Security Operations • Set 6
CS0-003 Security Operations Practice Test 6 — 15 questions with explanations. Free, no signup.
A user opens an invoice document and shortly afterward the endpoint runs wscript.exe from the user's profile. Which detection logic is most relevant? In the root-cause analysis phase, Which finding would most directly explain the activity?