- All Exams Instant Download
What does an attacker use to determine which network ports are listening on a potential target device?
What does an attacker use to determine which network ports are listening on a potential target device?A . man-in-the-middleB . port scanningC . SQL injectionD . ping sweepView AnswerAnswer: B
What is the difference between an attack vector and attack surface?
What is the difference between an attack vector and attack surface?A . An attack surface identifies vulnerabilities that require user input or validation; and an attack vector identifies vulnerabilities that are independent of user actions.B . An attack vector identifies components that can be exploited, and an attack surface identifies...
What does cyber attribution identify in an investigation?
What does cyber attribution identify in an investigation?A . cause of an attackB . exploit of an attackC . vulnerabilities exploitedD . threat actors of an attackView AnswerAnswer: D Explanation: https://www.techtarget.com/searchsecurity/definition/cyber-attribution
Which evasion technique is a function of ransomware?
Which evasion technique is a function of ransomware?A . extended sleep callsB . encryptionC . resource exhaustionD . encodingView AnswerAnswer: B
Which process is used when IPS events are removed to improve data integrity?
Which process is used when IPS events are removed to improve data integrity?A . data availabilityB . data normalizationC . data signatureD . data protectionView AnswerAnswer: B
What makes HTTPS traffic difficult to monitor?
What makes HTTPS traffic difficult to monitor?A . SSL interceptionB . packet header sizeC . signature detection timeD . encryptionView AnswerAnswer: D
Which event category is described?
A security specialist notices 100 HTTP GET and POST requests for multiple pages on the web servers. The agent in the requests contains PHP code that, if executed, creates and writes to a new PHP file on the webserver. Which event category is described?A . reconnaissanceB . action on objectivesC...
Which two elements in the table are parts of the 5-tuple?
Refer to the exhibit. Which two elements in the table are parts of the 5-tuple? (Choose two.)A . First PacketB . Initiator UserC . Ingress Security ZoneD . Source PortE . Initiator IPView AnswerAnswer: DE
Why is encryption challenging to security monitoring?
Why is encryption challenging to security monitoring?A . Encryption analysis is used by attackers to monitor VPN tunnels.B . Encryption is used by threat actors as a method of evasion and obfuscation.C . Encryption introduces additional processing requirements by the CPU.D . Encryption introduces larger packet sizes to analyze and...
Drag and drop the uses on the left onto the type of security system on the right
DRAG DROP Drag and drop the uses on the left onto the type of security system on the right. View AnswerAnswer:
