Which security monitoring data type requires the largest storage space?
A. transaction data
B. statistical data
C. session data
D. full packet capture
Answer: D
What is the difference between statistical detection and rule-based detection models?
A. Rule-based detection involves the collection of data in relation to the behavior of legitimate users over a period of time
B. Statistical detection defines legitimate data of users over a period of time and rule-based detection defines it...
What is the difference between deep packet inspection and stateful inspection?
A. Deep packet inspection is more secure than stateful inspection on Layer 4
B. Stateful inspection verifies contents at Layer 4 and deep packet inspection verifies connection at Layer 7
C. Stateful inspection is more secure than deep packet...
Which step in the incident response process researches an attacking host through logs in a SIEM?
A. detection and analysis
B. preparation
C. eradication
D. containment
Answer: A
Explanation: Preparation --> Detection and Analysis --> Containment, Eradication and Recovery --> Post-Incident Activity
Detection and Analysis --> Profile networks and systems,...
Drag and drop the security concept on the left onto the example of that concept on the right
What are two differences in how tampered and untampered disk images affect a security incident? (Choose two.)
A. Untampered images are used in the security investigation process
B. Tampered images are used in the security investigation process
C. The image is tampered if the stored hash and the computed hash...
Which testing method did the intruder use?
An intruder attempted malicious activity and exchanged emails with a user and received corporate information, including email distribution lists. The intruder asked the user to engage with a link in an email. When the link launched, it infected machines and the intruder was able to access the corporate network. Which...
How does certificate authority impact a security system?
A. It authenticates client identity when requesting SSL certificate
B. It validates domain identity of a SSL certificate
C. It authenticates domain identity when requesting SSL certificate
D. It validates client identity when communicating with the server
Answer: B
Which command will accomplish this goal?
An engineer needs to discover alive hosts within the 192.168.1.0/24 range without triggering intrusive portscan alerts on the IDS device using Nmap. Which command will accomplish this goal?
A. nmap --top-ports 192.168.1.0/24
B. nmap -sP 192.168.1.0/24
C. nmap -sL 192.168.1.0/24
D. nmap -sV 192.168.1.0/24
Answer: B
Explanation: https://explainshell.com/explain?cmd=nmap+-sP
What is occurring in this network?
Refer to the exhibit. What is occurring in this network?
A. ARP cache poisoning
B. DNS cache poisoning
C. MAC address table overflow
D. MAC flooding attack
Answer: A