- All Exams Instant Download
Which action does the engineer recommend?
A company encountered a breach on its web servers using IIS 7 5 Dunng the investigation, an engineer discovered that an attacker read and altered the data on a secure communication using TLS 1 2 and intercepted sensitive information by downgrading a connection to export-grade cryptography. The engineer must mitigate...
What does cyber attribution identify in an investigation?
What does cyber attribution identify in an investigation?A . cause of an attackB . exploit of an attackC . vulnerabilities exploitedD . threat actors of an attackView AnswerAnswer: D Explanation: https://www.techtarget.com/searchsecurity/definition/cyber-attribution
What is a difference between inline traffic interrogation and traffic mirroring?
What is a difference between inline traffic interrogation and traffic mirroring?A . Inline inspection acts on the original traffic data flowB . Traffic mirroring passes live traffic to a tool for blockingC . Traffic mirroring inspects live traffic for analysis and mitigationD . Inline traffic copies packets for analysis and...
Which data type is necessary to get information about source/destination ports?
Which data type is necessary to get information about source/destination ports?A . statistical dataB . session dataC . connectivity dataD . alert dataView AnswerAnswer: B Explanation: Session data provides information about the five tuples; source IP address/port number, destination IP address/port number and the protocol What is Connectivity Data? According...
What information is depicted?
Refer to the exhibit. What information is depicted?A . IIS dataB . NetFlow dataC . network discovery eventD . IPS event dataView AnswerAnswer: B
What is a difference between an inline and a tap mode traffic monitoring?
What is a difference between an inline and a tap mode traffic monitoring?A . Inline monitors traffic without examining other devices, while a tap mode tags traffic and examines the data from monitoring devices.B . Tap mode monitors traffic direction, while inline mode keeps packet data as it passes through...
What describes the defense-m-depth principle?
What describes the defense-m-depth principle?A . defining precise guidelines for new workstation installationsB . categorizing critical assets within the organizationC . isolating guest Wi-Fi from the focal networkD . implementing alerts for unexpected asset malfunctionsView AnswerAnswer: B
What is the reason for this discrepancy?
An analyst received an alert on their desktop computer showing that an attack was successful on the host. After investigating, the analyst discovered that no mitigation action occurred during the attack . What is the reason for this discrepancy?A . The computer has a HIPS installed on it.B . The...
Which packet contains a file that is extractable within Wireshark?
Refer to the exhibit. Which packet contains a file that is extractable within Wireshark?A . 2317B . 1986C . 2318D . 2542View AnswerAnswer: D
What is occurring in this network traffic?
Refer to the exhibit. What is occurring in this network traffic?A . High rate of SYN packets being sent from a multiple source towards a single destination IC . High rate of ACK packets being sent from a single source IP towards multiple destination IPs.D . Flood of ACK packets...
