A security specialist sees repeated attempts to open privileged ports throughout the day in a shared resource environment. Which approach is the BEST way to investigate if these attempts indicate malicious behavior without causing unnecessary downtime?
Add additional resources to manage unexpected traffic and avoid resource depletion
Collect log entries from multiple sources and analyze them for trends that deviate from normal usage
Prevent incoming requests and deploy a fresh system image to remove possible intrusions
Return the system to a prior snapshot and send notifications to all users
Reviewing logs across multiple sources and analyzing usage details helps confirm whether unusual port attempts follow a harmful pattern. Blocking traffic and creating a new environment risks data loss and does not isolate the cause. Reverting to a previous snapshot or adding more capacity does not provide the necessary insight into suspicious attempts. Evaluating logs over a specified timeframe allows targeted detection of repeated requests and correlates them with known trends.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is the purpose of log analysis in detecting suspicious activity?
Open an interactive chat with Bash
What are privileged ports, and why are they significant in cybersecurity?
Open an interactive chat with Bash
How does comparing trends to 'normal usage' help detect malicious behavior?
Open an interactive chat with Bash
CompTIA Cloud+ CV0-004
Security
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
IT & Cybersecurity Package Join Premium for Full Access