What causes events on a Windows system to show Event Code 4625 in the log messages?
A. The system detected an XSS attack
B. Someone is trying a brute force attack on the network
C. Another device is gaining root access to the system
D. A privileged user successfully logged...

Which regex must the analyst import?
An analyst is using the SIEM platform and must extract a custom property from a Cisco device and capture the phrase, "File: Clean." Which regex must the analyst import?
A. File: Clean
B. ^Parent File Clean$
C. File: Clean (.*)
D. ^File: Clean$
Answer: B

What is the practice of giving an employee access to only the resources needed to accomplish their job?
A. principle of least privilege
B. organizational separation
C. separation of duties
D. need to know principle
Answer: A

What is the potential threat identified in this Stealthwatch dashboard?
Refer to the exhibit.
A. A policy violation is active for host 10.10.101.24.
B. A host on the network is sending a DDoS attack to another inside host.
C. There are three active data exfiltration alerts.
D. A policy violation...

Which security monitoring data type requires the largest storage space?
A. transaction data
B. statistical data
C. session data
D. full packet capture
Answer: D

What is threat hunting?
A. Managing a vulnerability assessment report to mitigate potential threats.
B. Focusing on proactively detecting possible signs of intrusion and compromise.
C. Pursuing competitors and adversaries to infiltrate their system to acquire intelligence data.
D. Attempting to deliberately disrupt servers by altering their availability
Answer: A

Which type of evidence supports a theory or an assumption that results from initial evidence?
A. probabilistic
B. indirect
C. best
D. corroborative
Answer: D
Explanation: Corroborating evidence (or corroboration) is evidence that tends to support a theory or an assumption deduced by some initial evidence. This corroborating evidence confirms...

Which metric in CVSS indicates an attack that takes a destination bank account number and replaces it with a different bank account number?
A. availability
B. confidentiality
C. scope
D. integrity
Answer: D

What is a difference between tampered and untampered disk images?
A. Tampered images have the same stored and computed hash.
B. Tampered images are used as evidence.
C. Untampered images are used for forensic investigations.
D. Untampered images are deliberately altered to preserve as evidence
Answer: B

What is personally identifiable information that must be safeguarded from unauthorized access?
A. date of birth
B. driver's license number
C. gender
D. zip code
Answer: B
Explanation: According to the Executive Office of the President, Office of Management and Budget (OMB), and the U.S. Department of Commerce, Office of...