What is the threat actor in this incident?
A company receptionist received a threatening call referencing stealing assets and did not take any action, assuming it was a social engineering attempt. Within 48 hours, multiple assets were breached, affecting the confidentiality of sensitive information. What is the threat actor in this incident?
A. company assets that are threatened
B...
What is the potential threat identified in this Stealthwatch dashboard?
Refer to the exhibit. What is the potential threat identified in this Stealthwatch dashboard?
A. A policy violation is active for host 10.10.101.24.
B. A host on the network is sending a DDoS attack to another inside host.
C. There are two active data exfiltration alerts.
D. A policy...
Which attack method intercepts traffic on a switched network?
Which attack method intercepts traffic on a switched network?
A. denial of service
B. ARP cache poisoning
C. DHCP snooping
D. command and control
Answer: B
Explanation: An ARP-based MITM attack is achieved when an attacker poisons the ARP cache of two devices with the MAC address of the attacker's...
During which phase of the forensic process is data that is related to a specific event labeled and recorded to preserve its integrity?
During which phase of the forensic process is data that is related to a specific event labeled and recorded to preserve its integrity?
A. examination
B. investigation
C. collection
D. reporting
Answer: C
How is NetFlow different from traffic mirroring?
How is NetFlow different from traffic mirroring?
A. NetFlow collects metadata and traffic mirroring clones data.
B. Traffic mirroring impacts switch performance and NetFlow does not.
C. Traffic mirroring costs less to operate than NetFlow.
D. NetFlow generates more data than traffic mirroring.
Answer: A
Which type of log is displayed?
Refer to the exhibit. Which type of log is displayed?
A. IDS
B. proxy
C. NetFlow
D. sys
Answer: A
Explanation: You also see the 5-tuple in IPS events, NetFlow records, and other event data. In fact, on the exam you may need to differentiate between a firewall log versus...
In which Linux log file is this output found?
Refer to the exhibit. In which Linux log file is this output found?
A. /var/log/authorization.log
B. /var/log/dmesg
C. var/log/var.log
D. /var/log/auth.log
Answer: D
What is the difference between a threat and a risk?
What is the difference between a threat and a risk?
A. Threat represents a potential danger that could take advantage of a weakness in a system
B. Risk represents the known and identified loss or danger in the system
C. Risk represents the nonintentional interaction with uncertainty in the system
D...
Which data format is the most efficient to build a baseline of traffic seen over an extended period of time?
Which data format is the most efficient to build a baseline of traffic seen over an extended period of time?
A. syslog messages
B. full packet capture
C. NetFlow
D. firewall event logs
Answer: C
What is a feature of Windows Management Instrumentation that must be considered when deciding on an operating system?
An analyst is exploring the functionality of different operating systems. What is a feature of Windows Management Instrumentation that must be considered when deciding on an operating system?
A. queries Linux devices that have Microsoft Services for Linux installed
B. deploys Windows Operating Systems in an automated fashion
C. is...