ISC2 CC Security Operations • Set 3
ISC2 CC Security Operations Practice Test 3 — 15 questions with explanations. Free, no signup.
A security analyst at a Security Operations Centre (SOC) receives an alert from the SIEM indicating multiple failed login attempts for a user account followed by a successful login from an unusual geographic location. According to SOC tier responsibilities, which tier should perform the initial triage of this alert?