- All Exams Instant Download
Which of the following are the three broad categories of cybersecurity investigations?
Which of the following are the three broad categories of cybersecurity investigations?A . Public, private, and individual investigationsB . Judiciary, private, and individual investigationsC . Public, private, and corporate investigationsD . Government, corporate, and private investigationsView AnswerAnswer: A
Which CVSSv3 metric value increases when attacks consume network bandwidth, processor cycles, or disk space?
Which CVSSv3 metric value increases when attacks consume network bandwidth, processor cycles, or disk space?A . confidentialityB . integrityC . availabilityD . complexityView AnswerAnswer: C
Which of the following are not components of the 5-tuple of a flow in NetFlow? (Select all that apply.)
Which of the following are not components of the 5-tuple of a flow in NetFlow? (Select all that apply.)A . Source IP addressB . Flow record IDC . GatewayD . Source portE . Destination portView AnswerAnswer: BC
Which analyzing technique describe the outcome as well as how likely each outcome is?
Which analyzing technique describe the outcome as well as how likely each outcome is?A . deterministicB . exploratoryC . probabilisticD . descriptiveView AnswerAnswer: C
Which option is unnecessary for determining the appropriate containment strategy according to NIST.SP800-61 r2?
Which option is unnecessary for determining the appropriate containment strategy according to NIST.SP800-61 r2?A . effectiveness of the strategyB . time and resource needed to implement the strategyC . need for evidence preservationD . attack vector used to compromise the systemView AnswerAnswer: AB
What is the definition of confidentiality according to CVSSv3 framework?
What is the definition of confidentiality according to CVSSv3 framework?A . this metric measures the impact to the confidentiality of the information resources managed by a software component due to a successfully exploited vulnerability.View AnswerAnswer: A
Which of the following is one of the main goals of the CSIRT?
Which of the following is one of the main goals of the CSIRT?A . To configure the organization's firewallsB . To monitor the organization's IPS devicesC . To minimize and control the damage associated with incidents, provide guidance for mitigation, and work to prevent future incidentsD . To hire security...
From a security perspective, why is it important to employ a clock synchronization protocol on a network?
From a security perspective, why is it important to employ a clock synchronization protocol on a network?A . so that everyone knows the local timeB . to ensure employees adhere to work scheduleC . to construct an accurate timeline of events when responding to an incidentD . to guarantee that...
Which expression creates a filter on a host IP address or name?
Which expression creates a filter on a host IP address or name?A . [src|dst] host <host host >B . [tcp|udp] [src|dst] port<port>C . ether [src|dst] host<ehost>D . gateway host <host>View AnswerAnswer: A Explanation: https://www.wireshark.org/docs/wsug_html_chunked/ChCapCaptureFilterSection.html
Which option is the logical source device for these events?
Refer to exhibit. Which option is the logical source device for these events?A . web serverB . NetFlow collectorC . proxy serverD . IDS/IPSView AnswerAnswer: A
