CompTIA Security+ Question M-16

A security analyst receives a SIEM alert that someone logged in to the appadmin test account, which is only used for the early detection of attacks. The security analyst then reviews the following application log:

Comptia Security+
Which of the following can the security analyst conclude?

A. A replay attack is being conducted against the application.
B. An injection attack is being conducted against a user authentication system.
C. A service account password may have been changed, resulting in continuously failed logins within the application.
D. A credentialed vulnerability scanner attack is testing several CVEs against the application.

Answer: C