CySA+ CS0-001 – Q. 146

0
20

A security analyst is reviewing logs and discovers that a company-owned computer issued to an employee is generating many alerts and warnings. The analyst continues to review the log events and discovers that a non-company-owned device from a different, unknown IP address is generating the same events. The analyst informs the manager of these findings, and the manager explains that these activities are already known and part of an ongoing events. Given this scenario, which of the following roles are the analyst, the employee, and the manager filling?

A. The analyst is red team.
The employee is blue team.
The manager is white team.
B. The analyst is white team.
The employee is red team.
The manager is blue team.
C. The analyst is red team.
The employee is white team.
The manager is blue team.
D. The analyst is blue team.
The employee is red team.
The manager is white team.