- All Exams Instant Download
Which technology on a host is used to isolate a running application from other applications?
Which technology on a host is used to isolate a running application from other applications?A . sandboxB . application allow listC . application block listD . host-based firewallView AnswerAnswer: A
Which event category is described?
A security specialist notices 100 HTTP GET and POST requests for multiple pages on the web servers. The agent in the requests contains PHP code that, if executed, creates and writes to a new PHP file on the webserver . Which event category is described?A . reconnaissanceB . action on...
What is the difference between statistical detection and rule-based detection models?
What is the difference between statistical detection and rule-based detection models?A . Rule-based detection involves the collection of data in relation to the behavior of legitimate users over a period of timeB . Statistical detection defines legitimate data of users over a period of time and rule-based detection defines it...
Drag and drop the technology on the left onto the data type the technology provides on the right
DRAG DROP Drag and drop the technology on the left onto the data type the technology provides on the right. View AnswerAnswer:
What are two social engineering techniques? (Choose two.)
What are two social engineering techniques? (Choose two.)A . privilege escalationB . DDoS attackC . phishingD . man-in-the-middleE . pharmingView AnswerAnswer: C,E
What is the function of a command and control server?
What is the function of a command and control server?A . It enumerates open ports on a network deviceB . It drops secondary payload into malwareC . It is used to regain control of the network after a compromiseD . It sends instruction to a compromised systemView AnswerAnswer: D
What is a difference between inline traffic interrogation and traffic mirroring?
What is a difference between inline traffic interrogation and traffic mirroring?A . Inline inspection acts on the original traffic data flowB . Traffic mirroring passes live traffic to a tool for blockingC . Traffic mirroring inspects live traffic for analysis and mitigationD . Inline traffic copies packets for analysis and...
What is causing this issue?
An engineer is addressing a connectivity issue between two servers where the remote server is unable to establish a successful session. Initial checks show that the remote server is not receiving an SYN-ACK while establishing a session by sending the first SYN . What is causing this issue?A . incorrect...
Which artifact is used to uniquely identify a detected file?
Which artifact is used to uniquely identify a detected file?A . file timestampB . file extensionC . file sizeD . file hashView AnswerAnswer: D
What should a security analyst consider when comparing inline traffic interrogation with traffic tapping to determine which approach to use in the network?
What should a security analyst consider when comparing inline traffic interrogation with traffic tapping to determine which approach to use in the network?A . Tapping interrogation replicates signals to a separate port for analyzing trafficB . Tapping interrogations detect and block malicious trafficC . Inline interrogation enables viewing a copy...
