A cyber security analyst is reviewing security alerts in Sguil. What are three pieces of information included in an alert to identify the device generating the alert? (Choose three.)
- host domain name
- Layer 4 segment sequence number
- source and destination IP address
- IP protocol number
- source and destination Layer 4 port
- source and destination MAC address
Explanation & Hint:
Sguil provides a console to view alerts generated by network security monitoring tools. The alerts will usually include five-tuples of information and time stamps. The five-tuples include the source and destination IP address, source and destination Layer 4 ports, and the IP protocol number.