What is a difference between inline traffic interrogation and traffic mirroring?

A. Inline inspection acts on the original traffic data flow
B. Traffic mirroring passes live traffic to a tool for blocking
C. Traffic mirroring inspects live traffic for analysis and mitigation
D. Inline traffic copies packets for analysis and...

February 9, 2021

What is a feature of Windows Management Instrumentation that must be considered when deciding on an operating system?

An analyst is exploring the functionality of different operating systems. What is a feature of Windows Management Instrumentation that must be considered when deciding on an operating system?
A. queries Linux devices that have Microsoft Services for Linux installed
B. deploys Windows Operating Systems in an automated fashion
C. is...

February 8, 2021

Which HTTP header field is used in forensics to identify the type of browser used?

A. referrer
B. host
C. user-agent
D. accept-language
Answer: C

February 8, 2021

Which event artifact is used to identify HTTP GET requests for a specific file?

A. destination IP address
B. TCP ACK
C. HTTP status code
D. URI
Answer: D

February 7, 2021

Which principle is being followed when an analyst gathers information relevant to a security incident to determine the appropriate course of action?

A. decision making
B. rapid response
C. data mining
D. due diligence
Answer: A

February 7, 2021

What should a security analyst consider when comparing inline traffic interrogation with traffic tapping to determine which approach to use in the network?

A. Tapping interrogation replicates signals to a separate port for analyzing traffic
B. Tapping interrogations detect and block malicious traffic
C. Inline interrogation enables viewing a copy...

February 7, 2021

What is the potential threat identified in this Stealthwatch dashboard?

Refer to the exhibit. What is the potential threat identified in this Stealthwatch dashboard?
A. Host 10.201.3.149 is sending data to 152.46.6.91 using TCP/443.
B. Host 152.46.6.91 is being identified as a watchlist country for data transfer.
C. Traffic to 152.46.6.149 is being denied by an Advanced Network Control policy.
D...

February 6, 2021

What does the output indicate about the server with the IP address 172.18.104.139?

Refer to the exhibit. What does the output indicate about the server with the IP address 172.18.104.139?
A. open ports of a web server
B. open port of an FTP server
C. open ports of an email server
D. running processes of the server
Answer: C

February 6, 2021

Which piece of file information from the analysis is needed to search for additional downloads of this file by other hosts?

You have identified a malicious file in a sandbox analysis tool. Which piece of file information from the analysis is needed to search for additional downloads of this file by other hosts?
A. file name
B. file hash value
C. file type
D. file size
Answer: B

February 5, 2021

What is the difference between deep packet inspection and stateful inspection?

A. Deep packet inspection is more secure than stateful inspection on Layer 4
B. Stateful inspection verifies contents at Layer 4 and deep packet inspection verifies connection at Layer 7
C. Stateful inspection is more secure than deep packet...

February 4, 2021