Refer to the exhibit. A SOC team member receives a case from his colleague with notes attached. The artifacts and alerts associated with the case must be analyzed and a conclusion must be provided. What is the cause of the alert?
A.
An insider threat compromised the service account to delete sensitive data.
B.
External attackers gained access and are exfiltrating data stealthily.
C.
A ransomware attack is underway, encrypting files and deleting originals.
D.
A misconfigured backup process malfunctioned, causing unexpected file changes.
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit