Which information must be left out of a final incident report?
A. server hardware configurations
B. exploit or vulnerability used
C. impact and/or the financial loss
D. how the incident was detected
Answer: A

Which of the following can be identified by correlating DNS intelligence and other security events? (Choose two.)
A. Communication to CnC servers
B. Configuration issues
C. Malicious domains based on reputation
D. Routing problems
Answer: AC

Which option has a drastic impact on network traffic because it can cause legitimate traffic to be blocked?
A. true positive
B. true negative
C. false positive
D. false negative
Answer: C

In the context of incident handling phases, which two activities fall under scoping? (Choose two.)
A. determining the number of attackers that are associated with a security incident
B. ascertaining the number and types of vulnerabilities on your network
C. identifying the extent that a security incident is impacting protected...

How is confidentiality defined in the CVSS v3.0 framework?
A. confidentiality of the information resource managed by person due to an unsuccessfully exploited vulnerability
B. confidentiality of the information resource managed by a person due to a successfully vulnerability
C. confidentiality of the information resources managed by a software component...

Which value in profiling servers in a system is true?
A. it can identify when network performance has decreased
B. it can identify servers that have been exploited
C. it can identify when network ports have been connected
D. it can protect the address space of critical hosts.
Answer: C

Which option filters a LibPCAP capture that used a host as a gateway?
A. [tcp|udp] [src|dst] port <port>
B. [src|dst] net <net> [{mask <mask>}|{len <len>}]
C. ether [src|dst] host <ehost>
D. gateway host <host>
Answer: D

Which of the following is not an example of the VERIS main schema categories?
A. Incident tracking
B. Victim demographics
C. Incident descriptions
D. Incident forensics ID
Answer: D

What is a listening port?
A. A port that remains open and waiting for incoming connections
Answer: A

Which of the following is not a metadata feature of the Diamond Model?
A. Direction
B. Result
C. Devices
D. Resources
Answer: C