SY0-701 Question #910: Real Exam Question with Answer & Explanation
The correct answer is D: UBA.
Question
A company experiences a breach. The investigation reveals that the threat actor used a zero-day vulnerability to gain access and move laterally. Which of the following would best improve the company's security posture and minimize the time to detect this type of incident?
Options
- A. NAC
- B. IDS
- C. DLP
- D. UBA
Explanation
UBA builds baselines of normal user and entity activity (logins, data access patterns, movement between hosts) and flags deviations - the kind of anomalous lateral movement a zero-day-driven intruder generates. Because it's behavior-based rather than signature-based, it can surface unseen exploits faster and shrink detection time for novel attacks.