During a routine security check, a security specialist notices an alert indicating repeated authentication failures followed by a system access event. When examining the system's security logs to assess the situation, which pattern would most likely suggest a compromise?
Routine sign-ins at regular intervals from known network addresses associated with automated maintenance tasks
Continuous internal traffic to the network gateway as part of normal activity monitoring
Regular status updates confirming that the security mechanisms are fully operational
Repeated credential validation errors immediately followed by an entry clearance recorded from a single identifier
The correct response involves identifying a pattern of unsuccessful access attempts that culminate in an eventual successful entry by a single source. This signifies a probable breach, most likely following a successful brute-force attack where the intruder determined the valid credentials after a series of trials. The remaining options either represent normal behaviors or reflect activities that lack indicators of a targeted or malignant threat.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is a brute-force attack?
Open an interactive chat with Bash
What are credential validation errors?
Open an interactive chat with Bash
What constitutes 'normal behaviors' in network security?