Which Automatic Remediation is configurable for a PTA detection of a "Suspected Credential Theft"?
Which Automatic Remediation is configurable for a PTA detection of a "Suspected Credential Theft"?
When dealing with a 'Suspected Credential Theft' detection by Privileged Threat Analytics (PTA), an appropriate automatic remediation action would be to disable the account. This immediate action prevents any potential misuse of the compromised credentials and helps secure the system, making it a critical step in mitigating further unauthorized access.
https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/13.0/en/Content/PTA/Viewing-Automatic-Containment-Responses.htm?tocpath=Administrator%7CComponents%7CPrivileged%20Threat%20Analytics%7CTroubleshoot%20PTA%20Configuration%7CUse%20the%20diamond.log%20for%20troubleshooting%7C_____1
https://docs.cyberark.com/PAS/13.0/en/Content/PTA/Security-Configuration.htm?TocPath=End%20user%7CSecurity%20Events%7C_____3
correct is B