Your security team receives an alert from the organization’s login server regarding multiple failed login attempts. The alert indicated that there were 10 failed login attempts to the company’s customer database in the past hour. What is the first thing you should do to investigate this incident?

Assets, Threats, and Vulnerabilities | Weekly challenge 2 Quiz | 

Your security team receives an alert from the organization’s login server regarding multiple failed login attempts. The alert indicated that there were 10 failed login attempts to the company’s customer database in the past hour. What is the first thing you should do to investigate this incident?

  • Disable the customer database server.
  • Ignore the alert until you receive more user complaints.
  • Return the server’s operating system to a previous version.
  • Perform accounting on the access logs of the system.

 

Leave a Comment