What is the difference between the rule-based detection when compared to behavioral detection?
A. Rule-based detection is searching for patterns linked to specific types of attacks, while behavioral is identifying per signature.
B. Rule-based systems have established patterns that do not change with new data, while behavioral changes.
C. Behavioral...
Which security principle requires more than one person to perform a critical task?
A. least privilege
B. need to know
C. separation of duties
D. due diligence
Answer: C
Which testing method did the intruder use?
An intruder attempted malicious activity and exchanged emails with a user and received corporate information, including email distribution lists. The intruder asked the user to engage with a link in an email. When the link launched, it infected machines and the intruder was able to access the corporate network. Which...
Which security principle is violated by running all processes as root or administrator?
A. principle of least privilege
B. role-based access control
C. separation of duties
D. trusted computing base
Answer: A
Which security technology guarantees the integrity and authenticity of all messages transferred to and from a web application?
A. Hypertext Transfer Protocol
B. SSL Certificate
C. Tunneling
D. VPN
Answer: B
What is the principle of defense-in-depth?
A. Agentless and agent-based protection for security are used.
B. Several distinct protective layers are involved.
C. Access control models are involved.
D. Authentication, authorization, and accounting mechanisms are used.
Answer: B
What should be interpreted from this packet capture?
Refer to the exhibit. What should be interpreted from this packet capture?
A. 81.179.179.69 is sending a packet from port 80 to port 50272 of IP address 192.168.122.100 using UDP protocol.
B. 192.168.122.100 is sending a packet from port 50272 to port 80 of IP address 81.179.179.69 using TCP protocol.
C...
What is shown in this PCAP file?
Refer to the exhibit. What is shown in this PCAP file?
A. Timestamps are indicated with error.
B. The protocol is TCP.
C. The User-Agent is Mozilla/5.0.
D. The HTTP GET is encoded.
Answer: A
Which incident response step includes identifying all hosts affected by an attack?
A. detection and analysis
B. post-incident activity
C. preparation
D. containment, eradication, and recovery
Answer: D
What are two differences in how tampered and untampered disk images affect a security incident? (Choose two.)
A. Untampered images are used in the security investigation process
B. Tampered images are used in the security investigation process
C. The image is tampered if the stored hash and the computed hash...