which chain of alarms would be most concerning?

Given a Linux machine running only an SSH server, which chain of alarms would be most concerning?

Given a Linux machine running only an SSH server, which chain of alarms would be most concerning?

A.
brute force login attempt from outside of the network, followed by an internal network scan

B.
root login attempt followed by brute force login attempt

C.
Microsoft RPC attack against the server

D.
multiple rapid login attempts



Leave a Reply 0

Your email address will not be published. Required fields are marked *