COMPTIA · Server+ (SK0-005)

Server+ PBQ Lab: HTTPS alerts following suspicious service-account logon

By QH

In this Server+ incident-response simulator, the learner investigates APP-SRV-02 after off-hours outbound HTTPS alerts appear following a suspicious service-account logon.

The lab requires the user to compare normal and abnormal server behavior, recognize that local host tools may be unreliable on a compromised system, preserve evidence before making destructive changes, and choose a containment plan that stops the threat without unnecessarily breaking application dependencies.

This is a hands-on troubleshooting and security-response PBQ built around process ownership, persistence, packet capture, service-account misuse, and evidence-safe remediation.

Published Jun 15, 2026 · Updated Jun 15, 2026

1questions

100%pass score

100%Platform simulator (PBQ)

How do you want to study?

Topics covered

This quiz

Uncategorized1 (100%)

Uncategorized1 question

Discussion

No posts yet. Be the first to start the conversation.

Browse

Server+ PBQ Lab: HTTPS alerts following suspicious service-account logon

This quiz

Exam Mode

Ready to start?

Study Mode

Ready to try study mode?

Exam Readiness

Flashcard Decks