Which attack is integrated with the lowest levels of the operating system of a host and attempts to completely hide the activities of the threat actor on the local system?…
Which evasion method describes the situation that after gaining access to the administrator password on a compromised host, a threat actor is attempting to login to another host using the…
To which category of security attacks does man-in-the-middle belong? DoS access reconnaissance social engineering Explanation & Hint: With a man-in-the-middle attack, a threat actor is positioned in between two legitimate…
What is an example of a local exploit? Port scanning is used to determine if the Telnet service is running on a remote server. A threat actor performs a brute…
Which attack surface, defined by the SANS Institute, is delivered through the exploitation of vulnerabilities in web, cloud, or host-based applications? host human network software Explanation & Hint: The SANS…
Using Tcpdump and Wireshark, a security analyst extracts a downloaded file from a pcap file. The analyst suspects that the file is a virus and wants to know the file…
Which regular expression would match any string that contains 4 consecutive zeros? [0-4] 0{4} {0-4} ^0000 Explanation & Hint: The regular expression 0{4} matches any string that contains 4 repetitions…
What will match the regular expression ^83? any string that begins with 83 any string that ends with 83 any string that includes 83 any string with values greater than…
What classification is used for an alert that correctly identifies that an exploit has occurred? true positive false positive true negative false negative Explanation & Hint: A true positive occurs…
Match the IPS alarm with the description. false positive ==> normal traffic is incorrectly identified as a threat false negative ==> malicious traffic is not correctly identified as a threat true positive…
Refer to the exhibit. Which technology generated the event log? Wireshark web proxy syslog Netflow Explanation & Hint: The source of the output is Netflow. For more Questions and Answers:…
Which data security component is provided by hashing algorithms? key exchange confidentiality integrity authentication Explanation & Hint: Hashing algorithms are used to provide message integrity, which ensures that data in…
9.2.1 Packet Tracer – Implement Multiarea OSPFv2 Answers Packet Tracer - Implement Multiarea OSPFv2 (Answers Version) Answers Note: Red font color or gray highlights indicate text that appears in the…
8.2.1 Packet Tracer – Configuring OSPFv2 in a Single Area Answers Packet Tracer - Configure OSPFv2 in Single Area (Answers Version) Answers Note: Red font color or gray highlights indicate…
1.2.1 Packet Tracer – Inter-VLAN Routing Challenge Answers Packet Tracer - Inter-VLAN Routing Challenge (Answers Version) Answers Note: Red font color or gray highlights indicate text that appears in the…
Match the security service with the description. ACL ==> a series of commands that control whether a device forwards or drops packets SNMP ==> allows administrators to manage network devices NetFlow ==> provides…
What is a feature of an IPS? It can stop malicious packets. It has no impact on latency. It is deployed in offline mode. It is primarily focused on identifying…
Refer to the exhibit. A security specialist is using Wireshark to review a PCAP file generated by tcpdump . When the client initiated a file download request, which source socket…
Which type of analysis relies on different methods to establish the likelihood that a security event has happened or will happen? deterministic log statistical probabilistic Explanation & Hint: Probabilistic methods…
Which type of analysis relies on predefined conditions and can analyze applications that only use well-known fixed ports? probabilistic deterministic statistical log Explanation & Hint: Deterministic analysis uses predefined conditions…