What challenge will a DFIR analyst experience when investigating this attack?
A company using PaaS to host and develop their software application is experiencing a DOS attack. What challenge will a DFIR analyst experience when investigating this attack?A . Restricted access to their application logsB . Resource scaling will affect access to logsC . Network logs are unavailable for reviewD ....
Which logs would be a preferable starting point for an investigation?
Sensitive company data is found leaked on the internet, and the security team didn't get any alert and is unsure of how the breach occurred. Which logs would be a preferable starting point for an investigation?A . Identity and Access ManagementB . ApplicationC . Resource ManagementD . EndpointView AnswerAnswer: A
How is storage account, cs21003200042c87633, created in an Azure resource group?
How is storage account, cs21003200042c87633, created in an Azure resource group?A . PowerShell Cloud Shell audit logging was enabledB . A Bash Cloud Shell was usedC . PowerShelI Cloud Shell was usedD . Azure CLI was used from a Windows machineView AnswerAnswer: B
What needs to be created in order to properly handle these logs?
An engineer has set up log forwarding for a new data source and wants to use that data to run reports and create dashboards in Kibana. What needs to be created in order to properly handle these logs?A . RowB . ParserC . ingest scriptD . BeatView AnswerAnswer: B
Which statement describes how an organization could use IPv6 in a Google Cloud deployment?
Which statement describes how an organization could use IPv6 in a Google Cloud deployment?A . IPv6 has to be configured for each compute node IndividuallyB . IPv6 b enabled by default for global traffic between VPCsC . IPv6 is enabled by default for traffic within VPCsD . IPv6 needs to...
What type of AWS log is the following snippet an example of?
What type of AWS log is the following snippet an example of? A . Web Application firewall LogB . VPC Flow LogC . Load Balancer LogD . Route 53 Query LogView AnswerAnswer: B
At what point of the OAuth delegation process does the Resource Owner approve the scope of access to be allowed?
At what point of the OAuth delegation process does the Resource Owner approve the scope of access to be allowed?A . After user credentials are accepted by the Authorization ServerB . Once the OAuth token is accepted by the ApplicationC . When the Resource Server receives the OAuth tokenD ....
What is the name of the blob container?
An Azure blob is accessed using the link below. What is the name of the blob container? A . ex-storageB . mov.aviC . mymoviesD . blob.coreView AnswerAnswer: C
What would cause the analyst to be unable to search UAL events for a specific time period?
An analyst successfully authenticated to Microsoft 365 using the following command. What would cause the analyst to be unable to search UAL events for a specific time period? Ps> connect fxrhangeOnline userPrincipalName sysanalystatexanpteco.comA . The tmdlets to search the UAl were not Imported into the sessionB . The UAL cannot...
What can be inferred about the ARN below?
What can be inferred about the ARN below? arn:aws:!am::457787814323:user/giacA . giac's is a user In the AWS account 457787814323B . giac's access Is testf kted to resources owned by AWS tenant 457787814323C . giac's Is limited to roles defined under a single AWS organizationD . giac's user's access key 10...