Which of the following can the security analyst conclude?

A security analyst receives a SIEM alert that someone logged in to the appadmin test account, which is only used for the early detection of attacks.

The security analyst then reviews the following application log:

Which of the following can the security analyst conclude?
A . A replay attack is being conducted against the application.
B . An injection attack is being conducted against a user authentication system.
C . A service account password may have been changed, resulting in continuous failed logins within the application.
D . A credentialed vulnerability scanner attack is testing several CVEs against the application.

View Answer

Answer: C