Blog

A security analyst is reviewing information contained in a Wireshark capture created during an attempted intrusion. The analyst wants to correlate the Wireshark information with the log files from two…

A security analyst is investigating a cyber attack that began by compromising one file system through a vulnerability in a custom software application. The attack now appears to be affecting…

Which metric in the CVSS Base Metric Group is used with an attack vector? the proximity of the threat actor to the vulnerability the determination whether the initial authority changes…

Which type of evaluation includes the assessment of the likelihood of an attack, the type of threat actor likely to perpetrate such an attack, and what the consequences could be…

Which component is a pillar of the zero trust security approach that focuses on the secure access of devices, such as servers, printers, and other endpoints, including devices attached to…

Which access control model assigns security privileges based on the position, responsibilities, or job classification of an individual or group within an organization? discretionary role-based mandatory rule-based Explanation & Hint:…

Which access control model applies the strictest access control and is often used in military and mission critical applications? discretionary mandatory nondiscretionary attribute-based Explanation & Hint: Military and mission critical…

Match the file system term used in Linux to the function. ext4 ==> supports increased file sizes journaling ==> minimizes file corruption risk in the event of power loss MBR ==> stores information…

The SOC manager is reviewing the metrics for the previous calendar quarter and discovers that the MTTD for a breach of password security perpetrated through the Internet was forty days.…

Which SOC technology automates security responses by using predefined playbooks which require a minimum amount of human intervention? SOAR SIEM NetFlow Wireshark syslog Explanation & Hint: SOAR technology goes a…

Which security endpoint setting would be used by a security analyst to determine if a computer has been configured to prevent a particular application from running? baselining block listing services…

Which two algorithms use a hashing function to ensure message integrity? (Choose two.) SEAL AES 3DES MD5 SHA Explanation & Hint: Hashing algorithms are used to provide data integrity, which…

Refer to the exhibit. Which technology would contain information similar to the data shown for infrastructure devices within a company? Apache server firewall HIDS syslog server Explanation & Hint: A…

Refer to the exhibit. A security analyst is reviewing the logs of an Apache web server. Which action should the analyst take based on the output shown? Ignore the message.…

When attempting to improve system performance for Linux computers with a limited amount of memory, why is increasing the size of the swap file system not considered the best solution?…

Which Windows tool can be used by a cybersecurity administrator to secure stand-alone computers that are not part of an active directory domain? Local Security Policy Windows Defender Windows Firewall…

Which Windows application is commonly used by a cybersecurity analyst to view Microsoft IIS access logs? Event Viewer Notepad SIEM Word Explanation & Hint: Event Viewer is an application on…

Refer to the exhibit. Approximately what percentage of the physical memory is still available on this Windows system? 32% 53% 68% 90% Explanation & Hint: The graphic shows that there…

Refer to the exhibit. A security specialist is checking if files in the directory contain ADS data. Which switch should be used to show that a file has ADS attached?…

Match the Windows term to the description. alternate data streams ==> a method of adding information to an NTFS-based file EFI ==> upgraded firmware that stores boot code in the firmware FAT32…