A security analyst receives an alert about hundreds of login attempts from unusual geographic locations within the last few minutes. What can the analyst use to review a timeline of the login attempts, locations, and time of activity? A. A network protocol analyzer (packet sniffer)
B. An operating system
C. A playbook
D. A SIEM tool dashboard