What is specified in the plan element of the NIST incident response plan? metrics for measuring the incident response capability and effectiveness organizational structure and the definition of roles, responsibilities,…
What is defined in the policy element of the NIST incident response plan? how to handle incidents based on the mission and functions of an organization how the incident response…
Match the NIST incident response life cycle phase with the description. post incident activities ==> Document how incidents are handled. containment, eradication, and recovery ==> Implement procedures to eradicate the impact to…
A company is applying the NIST.SP800-61 r2 incident handling process to security events. What are two examples of incidents that are in the category of precursor? (Choose two.) an IDS…
During the detection and analysis phase of the NIST incident response process life cycle, which sign category is used to describe that an incident might occur in the future? attrition…
Place the seven steps defined in the Cyber Kill Chain in the correct order. delivery ==> Step 3 installation ==> Step 5 exploitation ==> Step 4 weaponization ==> Step 2 reconnaissance ==> Step 1 action…
Which three things will a threat actor do to prepare a DDoS attack against a target system on the Internet? (Choose three.) Collect and exfiltrate data. Install attack software on…
According to the Cyber Kill Chain model, after a weapon is delivered to a targeted system, what is the next step that a threat actor would take? installation exploitation weaponization…
When establishing a server profile for an organization, which element describes the type of service that an application is allowed to run on the server? user account listening port service…
Lab – Operating System Login (Answer Version) Answer Note: Red font color or gray highlights indicate text that appears in the Answer copy only. Objectives In this activity, you will…
Lab - Privacy and Gaming (Answer Version) Answer Note: Red font color or gray highlights indicate text that appears in the Answer copy only. Objectives In this activity, you will…
Lab - Permissions (Answer Version) Answer Note: Red font color or gray highlights indicate text that appears in the Answer copy only. Objectives In this lab, you will explore the…
Lab - Boot Methods (Answer Version) Answer Note: Red font color or gray highlights indicate text that appears in the Answer copy only. Objectives In this activity, you will investigate…
Lab – Operating System Upgrades (Answer Version) Answer Note: Red font color or gray highlights indicate text that appears in the Answer copy only. Introduction In this lab, you will…
Lab - Safety (Answer Version) Answer Note: Red font color or gray highlights indicate text that appears in the instructor copy only. Objectives In this lab, you will use common…
Which tool captures full data packets with a command-line interface only? nfdump NBAR2 tcpdump Wireshark Explanation & Hint: The command-line tool tcpdump is a packet analyzer. Wireshark is a packet analyzer with…
Which type of data is used by Cisco Cognitive Intelligence to find malicious activity that has bypassed security controls, or entered through unmonitored channels, and is operating inside an enterprise…
Which statement describes the function provided by the Tor network? It distributes user packets through load balancing. It allows users to browse the Internet anonymously. It conceals packet contents by…
Which security function is provided by encryption algorithms? key management authorization integrity confidentiality Explanation & Hint: Encryption algorithms are used to provide data confidentiality, which ensures that if data is…
Which two attacks target web servers through exploiting possible vulnerabilities of input functions used by an application? (Choose two.) SQL injection port scanning port redirection trust exploitation cross-site scripting Explanation…