200-201 Exam Questions

Total 402 Questions

Last Updated Exam : 16-Jul-2025

Which step in the incident response process researches an attacking host through logs in a SIEM?


A. detection and analysis
B. preparation
C. eradication
D. containment

A. detection and analysis



What are two social engineering techniques? (Choose two.)


A. privilege escalation
B. DDoS attack
C. phishing
D. man-in-the-middle
E. pharming

C. phishing
E. pharming



What is an attack surface as compared to a vulnerability?


A. any potential danger to an asset
B. the sum of all paths for data into and out of the application
C. an exploitable weakness in a system or its design
D. the individuals who perform an attack

B. the sum of all paths for data into and out of the application



An intruder attempted malicious activity and exchanged emails with a user and received corporate information, including email distribution lists. The intruder asked the user to engage with a link in an email. When the link launched, it infected machines and the intruder was able to access the corporate network.
Which testing method did the intruder use?


A. social engineering
B. eavesdropping
C. piggybacking
D. tailgating

A. social engineering



Which signature impacts network traffic by causing legitimate traffic to be blocked?


A. false negative
B. true positive
C. true negative
D. false positive

D. false positive



Which type of data consists of connection level, application-specific records generated from network traffic?


A. transaction data
B. location data
C. statistical data
D. alert data

A. transaction data



Which regular expression matches "color" and "colour"?


A. colo?ur
B. col[08]+our
C. colou?r
D. col[09]+our

C. colou?r



Which event is user interaction?


A. gaining root access
B. executing remote code
C. reading and writing file permission
D. opening a malicious file

D. opening a malicious file



How does a certificate authority impact a security system?

A. It authenticates client identity when requesting an SSL certificate
B. It validates domain identity of an SSL certificate
C. It authenticates domain identity when requesting an SSL certificate
D. It validates client identity when communicating with the server

B. It validates domain identity of an SSL certificate



What is a benefit of agent-based protection when compared to agentless protection?


A. It lowers maintenance costs
B. It provides a centralized platform
C. It collects and detects all traffic locally
D. It manages numerous devices simultaneously

B. It provides a centralized platform



