Question

Suppose as an information security manager of a company, you were assigned a special task of investigating some concerning incidents occurred in the company's network. Upon reviewing the server logs, you noticed a surge in failed login attempts from various IP addresses within a short span of time. While interviewing the company’s staff, several employees reported that they received many suspicious emails (apparently from within the company) requesting them to click on a link to verify their credentials to confirm some security matters and unfortunately, some of the staff members could not understand and foresee the matter and shared their login details. Furthermore, you also observed that certain files on the server have been encrypted, displaying a ransom note demanding payment in cryptocurrency for decryption.

Based on the above provided information, it is analyzed that three different attacks occurred in this scenario (Brute force, Phishing, and ransomware). As an information security manager, which type of attack do you think is the primary cause of the security breach? Justify your answer with two solid reasons.

Please follow the template to submit GDB solution provided below:

Your selected option: __________________________

Reason 1: __________________________________________________________________

Reason 2: __________________________________________________________________

Note: A concise, coherent and to the point comment is preferred over lengthy comment having irrelevant details. Your comment must not be more than 4-5 lines. Comments, posted on regular Lesson's MDB or sent through email will NOT be considered in any case. Any request about such an acceptance will not be catered.


Solution

Your selected option: Phishing Attack

Reason 1: The primary cause seems to be the phishing attack as employees reported receiving suspicious emails asking for their credentials. This indicates that the attacker was able to gain access to the system through the information provided by the employees.

Reason 2: The brute force attack and ransomware could be a result of the initial phishing attack. Once the attacker gained access to the system through the phishing attack, they could have then attempted to gain further access (brute force) and encrypt files (ransomware).
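As an added illustration (not part of the original answer), the Python example below shows how an investigator could check this reasoning against authentication logs: a successful login from an unfamiliar IP with no preceding failures, on an account whose owner reported submitting credentials, is consistent with phished credentials, while a success that follows a burst of failures is consistent with password guessing. The log records, user names, known-IP baseline, 10-minute window and threshold of 5 failures are all constructed assumptions.

```python
from datetime import datetime, timedelta

FMT = "%Y-%m-%d %H:%M:%S"

# Constructed sample auth events: (timestamp, user, source IP, outcome).
EVENTS = (
    [(f"2024-03-04 09:00:0{i}", "alice", f"203.0.113.{10 + i}", "FAIL") for i in range(6)]
    + [(f"2024-03-04 09:05:0{i}", "carol", f"203.0.113.{20 + i}", "FAIL") for i in range(6)]
    + [
        ("2024-03-04 09:05:30", "carol", "203.0.113.26", "OK"),
        ("2024-03-04 09:20:00", "bob", "198.51.100.7", "OK"),
        ("2024-03-04 09:25:00", "dave", "192.0.2.15", "OK"),
    ]
)
# Constructed baseline of IPs each user normally logs in from.
KNOWN_IPS = {"alice": {"192.0.2.11"}, "bob": {"192.0.2.12"},
             "carol": {"192.0.2.13"}, "dave": {"192.0.2.15"}}
# Constructed interview result: users who said they entered credentials via the emailed link.
REPORTED = {"bob"}


def classify_logins(events, reported, known_ips,
                    window=timedelta(minutes=10), threshold=5):
    """Label each successful login from an unfamiliar IP by its likely access path."""
    parsed = sorted(
        (datetime.strptime(ts, FMT), user, ip, outcome)
        for ts, user, ip, outcome in events
    )
    findings = {}
    for i, (ts, user, ip, outcome) in enumerate(parsed):
        # Only successful logins from IPs outside the user's baseline are of interest.
        if outcome != "OK" or ip in known_ips.get(user, set()):
            continue
        # Count this account's failures in the window leading up to the success.
        failures = sum(
            1 for t, u, _, o in parsed[:i]
            if u == user and o == "FAIL" and ts - t <= window
        )
        if failures >= threshold:
            label = "guessed-password"      # success preceded by a failure burst
        elif user in reported:
            label = "phished-credentials"   # clean first-try login on a phished account
        else:
            label = "unexplained"           # needs manual review
        findings.setdefault(user, label)
    return findings


if __name__ == "__main__":
    for user, label in classify_logins(EVENTS, REPORTED, KNOWN_IPS).items():
        print(user, label)
```

Accounts such as `alice` in the sample, which show failures but no successful login, do not appear in the result: a surge of failed attempts alone does not show that access was gained.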
