Which HTTP header field is used in forensics to identify the type of browser used?
A. referrer
B. host
C. user-agent
D. accept-language
Answer: C

Which action should be taken if the system is overwhelmed with alerts when false positives and false negatives are compared?
A. Modify the settings of the intrusion detection system.
B. Design criteria for reviewing alerts.
C. Redefine signature rules.
D. Adjust the alerts schedule.
Answer: A

Which list identifies the information that the client sends to the server in the negotiation phase of the TLS handshake?
A. ClientStart, ClientKeyExchange, cipher-suites it supports, and suggested compression methods
B. ClientStart, TLS versions it supports, cipher-suites it supports, and suggested compression methods
C. ClientHello, TLS versions it supports, cipher-suites...

When communicating via TLS, the client initiates the handshake to the server and the server responds back with its certificate for identification. Which information is available on the server certificate?
A. server name, trusted subordinate CA, and private key
B. trusted subordinate CA, public key, and cipher suites
C. trusted...

Which NIST IR category stakeholder is responsible for coordinating incident response among various business units, minimizing damage, and reporting to regulatory agencies?
A. CSIRT
B. PSIRT
C. public affairs
D. management
Answer: D

Refer to the exhibit. Which type of log is displayed?
A. IDS
B. proxy
C. NetFlow
D. sys
Answer: D

Refer to the exhibit. Which type of log is displayed?
A. proxy
B. NetFlow
C. IDS
D. sys
Answer: B

Which security technology allows only a set of pre-approved applications to run on a system?
A. application-level blacklisting
B. host-based IPS
C. application-level whitelisting
D. antivirus
Answer: C

A malicious file has been identified in a sandbox analysis tool. Which piece of information is needed to search for additional downloads of this file by other hosts?
A. file type
B. file size
C. file name
D. file hash value
Answer: D

Refer to the exhibit. What information is depicted?
A. IIS data
B. NetFlow data
C. network discovery event
D. IPS event data
Answer: B