What type of information did the malicious insider attempt to obtain?

An engineer is investigating a case of the unauthorized usage of the “Tcpdump” tool. The analysis revealed that a malicious insider attempted to sniff traffic on a specific interface. What type of information did the malicious insider attempt to obtain?
A. tagged protocols being used on the network
B ....

February 26, 2022

Which technology on a host is used to isolate a running application from other applications?

A. sandbox
B. application allow list
C. application block list
D. host-based firewall
Answer: A
Explanation: Reference: https://searchsecurity.techtarget.com/definition/sandbox#:~:text=Sandboxes%20can%20be%20used%20to,be%20run%20inside%20a%20sandbox

February 25, 2022

Which incident response step includes identifying all hosts affected by an attack?

A. detection and analysis
B. post-incident activity
C. preparation
D. containment, eradication, and recovery
Answer: D

February 25, 2022

Which data format is the most efficient to build a baseline of traffic seen over an extended period of time?

A. syslog messages
B. full packet capture
C. NetFlow
D. firewall event logs
Answer: C

February 25, 2022

Which piece of information is needed for attribution in an investigation?

A. proxy logs showing the source RFC 1918 IP addresses
B. RDP allowed from the Internet
C. known threat actor behavior
D. 802.1x RADIUS authentication pass and fail logs
Answer: C
Explanation: Actually this is the most important thing:...

February 25, 2022

What is an example of social engineering attacks?

A. receiving an unexpected email from an unknown person with an attachment from someone in the same company
B. receiving an email from human resources requesting a visit to their secure website to update contact information
C. sending a verbal request to...

February 25, 2022

Which category relates to improper use or disclosure of PII data?

A. legal
B. compliance
C. regulated
D. contractual
Answer: C

February 25, 2022

How does a certificate authority impact security?

A. It validates client identity when communicating with the server.
B. It authenticates client identity when requesting an SSL certificate.
C. It authenticates domain identity when requesting an SSL certificate.
D. It validates the domain identity of the SSL certificate.
Answer: D
Explanation:...

February 24, 2022

What are the two characteristics of the full packet captures? (Choose two.)

A. Identifying network loops and collision domains.
B. Troubleshooting the cause of security and performance issues.
C. Reassembling fragmented traffic from raw data.
D. Detecting common hardware faults and identify faulty assets.
E. Providing a historical record of...

February 24, 2022

What describes the concept of data consistently and readily being accessible for legitimate users?

A. integrity
B. availability
C. accessibility
D. confidentiality
Answer: B

February 24, 2022