Refer to the exhibit. What solution can provide a VPN between site A and site B to support encapsulation of any Layer 3 protocol between the internal networks at each…
What are two evasion techniques that are used by hackers? (Choose two.) phishing Trojan horse reconnaissance rootkit pivot Answers Explanation & Hints: The following methods are used by hackers to…
A company has a file server that shares a folder named Public. The network security policy specifies that the Public folder is assigned Read-Only rights to anyone who can log…
Match the Windows 10 Registry key with its description. (Not all options are used.) Explanation & Hint: HKEY_CLASSES_ROOT (HKCR): Contains settings about the file system, file associations, shortcuts used when…
What is a property of the ARP table on a device? Every operating system uses the same timer to remove old entries from the ARP cache. Entries in an ARP…
What best describes the security threat of spoofing? sending bulk email to individuals, lists, or domains with the intention to prevent users from accessing email intercepting traffic between two hosts…
What are the three core functions provided by the Security Onion? (Choose three.) business continuity planning alert analysis security device management threat containment intrusion detection full packet capture Answers Explanation…
Match the alert classification with the description. Explanation & Hint: True Positive: Malicious traffic is correctly identified as a threat. This means the system accurately detected actual malicious activity. False…
A network administrator is configuring an AAA server to manage RADIUS authentication. Which two features are included in RADIUS authentication? (Choose two.) single process for authentication and authorization separate processes…
Which term is used to describe the process of identifying the NSM-related data to be gathered? data archiving data normalization data reduction data retention Explanation & Hint: The term used…
Which tool included in the Security Onion is a series of software plugins that send different types of data to the Elasticsearch data stores? OSSEC Curator Beats ElastAlert Explanation &…
What information is required for a WHOIS query? outside global address of the client FQDN of the domain ICANN lookup server address link-local address of the domain owner Explanation &…
Which application layer protocol is used to provide file-sharing and print services to Microsoft applications? SMB DHCP HTTP SMTP Answers Explanation & Hints: SMB is used in Microsoft networking for…
Which two network protocols can be used by a threat actor to exfiltrate data in traffic that is disguised as normal network traffic? (Choose two.) syslog DNS SMTP NTP HTTP…
What are the two ways threat actors use NTP? (Choose two.) Threat actors use NTP systems to direct DDoS attacks. They place iFrames on a frequently used corporate web page.…
Match the SOC metric with the description. (Not all options apply.) Explanation & Hint: MTTD (Mean Time to Detect) - This metric corresponds to "The average time that it takes…
Which device supports the use of SPAN to enable monitoring of malicious activity? Cisco IronPort Cisco Security Agent Cisco Catalyst switch Cisco NAC Explanation & Hint: The device that supports…
Match the SIEM function to the description. Explanation & Hint: Aggregation: This function reduces the volume of event data by consolidating duplicate event records. It collects log data from various…
Which two ICMPv6 messages are used during the Ethernet MAC address resolution process? (Choose two.) router solicitation neighbor advertisement router advertisement neighbor solicitation echo request Answers Explanation & Hints: IPv6…
What are two characteristics of the SLAAC method for IPv6 address configuration? (Choose two.) Clients send router advertisement messages to routers to request IPv6 addressing. IPv6 addressing is dynamically assigned…