What is a feature of Windows Management Instrumentation that must be considered when deciding on an operating system?
An analyst is exploring the functionality of different operating systems. What is a feature of Windows Management Instrumentation that must be considered when deciding on an operating system? A. queries Linux devices that have Microsoft Services for Linux installed B. deploys Windows Operating Systems in an automated fashion C. is...
(IoC)?
What is the difference between indicator of attack (IoA) and indicators of compromise (IoC)? A. IoA is the evidence that a security breach has occurred, and IoC allows organizations to act before the vulnerability can be exploited. B. IoA refers to the individual responsible for the security breach, and IoC...
What causes events on a Windows system to show Event Code 4625 in the log messages?
What causes events on a Windows system to show Event Code 4625 in the log messages? A. The system detected an XSS attack B. Someone is trying a brute force attack on the network C. Another device is gaining root access to the system D. A privileged user successfully logged...
Which regular expression matches "color" and "colour"?
Which regular expression matches "color" and "colour"? A. colo?ur B. col[08]+our C. colou?r D. col[09]+our Answer: C
After further investigation, the analyst learns that customers claim that they cannot access company servers. According to NIST SP800-61, in which phase of the incident response process is the analyst?
A security analyst notices a sudden surge of incoming traffic and detects unknown packets from unknown senders. After further investigation, the analyst learns that customers claim that they cannot access company servers. According to NIST SP800-61, in which phase of the incident response process is the analyst? A. post-incident activity...
What is indicated by an increase in IPv4 traffic carrying protocol 41?
What is indicated by an increase in IPv4 traffic carrying protocol 41? A. additional PPTP traffic due to Windows clients B. unauthorized peer-to-peer traffic C. deployment of a GRE network on top of an existing Layer 3 network D. attempts to tunnel IPv6 traffic through an IPv4 network Answer:...
Which principle is being followed when an analyst gathers information relevant to a security incident to determine the appropriate course of action?
Which principle is being followed when an analyst gathers information relevant to a security incident to determine the appropriate course of action? A. decision making B. rapid response C. data mining D. due diligence Answer: B
In which Linux log file is this output found?
Refer to the exhibit. In which Linux log file is this output found? A. /var/log/authorization.log B. /var/log/dmesg C. var/log/var.log D. /var/log/auth.log Answer: D
What is a difference between SIEM and SOAR?
What is a difference between SIEM and SOAR? A. SOAR predicts and prevents security alerts, while SIEM checks attack patterns and applies the mitigation. B. SIEM's primary function is to collect and detect anomalies, while SOAR is more focused on security operations automation and response. C. SIEM predicts and prevents...
What is a benefit of using asymmetric cryptography?
What is a benefit of using asymmetric cryptography? A. decrypts data with one key B. fast data transfer C. secure data transfer D. encrypts data with one key Answer: B