CS0-001 Exam Question 31
A SIEM analyst noticed a spike in activities from the guest wireless network to several electronic health record (EHR) systems. After further analysis, the analyst discovered that a large volume of data has been uploaded to a cloud provider in the last six months. Which of the following actions should the analyst do FIRST?
CS0-001 Exam Question 32
A system administrator has reviewed the following output:

Which of the following can a system administrator infer from the above output?

CS0-001 Exam Question 33
When reviewing network traffic, a security analyst detects suspicious activity:

Based on the log above, which of the following vulnerability attacks is occurring?

CS0-001 Exam Question 34
A recent audit has uncovered several coding errors and a lack of input validation being used on a public portal.
Due to the nature of the portal and the severity of the errors, the portal is unable to be patched. Which of the following tools could be used to reduce the risk of being compromised?
CS0-001 Exam Question 35
A security analyst is reviewing the overnight authentication activity and sees the following set of logs from last evening:

Which of the following should the analyst do NEXT?

