- All Exams Instant Download
At which phase of the cyber kill chain should the security team mitigate this type of attack?
The security team has detected an ongoing spam campaign targeting the organization. The team's approach is to push back the cyber kill chain and mitigate ongoing incidents. At which phase of the cyber kill chain should the security team mitigate this type of attack?A . actions B. delivery C. reconnaissance...
Which two pieces of information are collected from the IPv4 protocol header? (Choose two.)
Which two pieces of information are collected from the IPv4 protocol header? (Choose two.)A . UDP port to which the traffic is destined B. TCP port from which the traffic was sourced C. source IP address of the packet D. destination IP address of the packet E. UDP port from...
What is the difference between an attack vector and attack surface?
What is the difference between an attack vector and attack surface?A . An attack surface identifies vulnerabilities that require user input or validation; and an attack vector identifies vulnerabilities that are independent of user actions. B. An attack vector identifies components that can be exploited, and an attack surface identifies...
How does an SSL certificate impact security between the client and the server?
How does an SSL certificate impact security between the client and the server?A . by enabling an authenticated channel between the client and the server B. by creating an integrated channel between the client and the server C. by enabling an authorized channel between the client and the server D....
What is the impact of false positive alerts on business compared to true positive?
What is the impact of false positive alerts on business compared to true positive?A . True positives affect security as no alarm is raised when an attack has taken place, resulting in a potential breach. B. True positive alerts are blocked by mistake as potential attacks affecting application availability. C....
What is the function of a command and control server?
What is the function of a command and control server?A . It enumerates open ports on a network device B. It drops secondary payload into malware C. It is used to regain control of the network after a compromise D. It sends instruction to a compromised systemView AnswerAnswer: D
What is a collection of compromised machines that attackers use to carry out a DDoS attack?
What is a collection of compromised machines that attackers use to carry out a DDoS attack?A . subnet B. botnet C. VLAN D. command and controlView AnswerAnswer: B
Which identifier tracks an active program?
A SOC analyst is investigating an incident that involves a Linux system that is identifying specific sessions. Which identifier tracks an active program?A . application identification number B. active process identification number C. runtime identification number D. process identification numberView AnswerAnswer: D
What is the practice of giving employees only those permissions necessary to perform their specific role within an organization?
What is the practice of giving employees only those permissions necessary to perform their specific role within an organization?A . least privilege B. need to know C. integrity validation D. due diligenceView AnswerAnswer: A
What is the potential threat identified in this Stealthwatch dashboard?
Refer to the exhibit. What is the potential threat identified in this Stealthwatch dashboard?A . Host 10.201.3.149 is sending data to 152.46.6.91 using TCP/443. B. Host 152.46.6.91 is being identified as a watchlist country for data transfer. C. Traffic to 152.46.6.149 is being denied by an Advanced Network Control policy....
