Malware often takes the form of binary files. To prove the assertion that a malicious file was downloaded, submitting the output of a sandbox detonation report along with an IPS…
The process of relating multiple security event records to gain more clarity than is available from any security event record in isolation is called what? corroboration correlation aggregation normalization summarization…
Match each color of the TLP to the correct description: Disclosure is not limited ==> white Not for disclosure, which is restricted to participants only ==> green Limited disclosure, which is restricted…
Which organization publishes a report of the top 10 most widely exploited web application vulnerabilities? OWASP Spamhaus Alexa Farsight Explanation & Hint: The organization that publishes a report of the…
Which two statements are true about CVSS? (Choose two.) CVSS is vendor agnostic. CVSS is Cisco proprietary. CVSS is designed to calculate the chances of a network being attacked. CVSS…
Which CVSS v3.0 metric group is optionally computed by the end-user organizations to adjust the score? temporal environmental maturity scope Explanation & Hint: The Environmental metric group within CVSS (Common…
During the cyber threat hunting cycle, what is the next step after the analyst created a hypothesis? Based on the hypothesis, discover a pattern or the attacker’s tactics, techniques, and…
Which capability is available when only the SOC operates at the highest level of the hunting maturity model (HM4)? detecting IDS or IPS malicious behaviors automating of the analysis procedures…
Which organization can provide information to the security analysts about DNS? OWASP Spamhaus Alexa Farsight Explanation & Hint: For information about DNS (Domain Name System), the organization that is specifically…
The report confidence metric is part of which CVSS v3.0 metrics group? base temporal environmental maturity Explanation & Hint: The "Report Confidence" metric is part of the Temporal metric group…
The scope metric is part of which CVSS v3.0 metrics group? base temporal environmental maturity Explanation & Hint: The scope metric is part of the Base metric group in CVSS…
Using environmental metrics, which three security requirement metric values allow the confidentiality score to be customized depending on the criticality of the affected IT asset? (Choose three.) none secret top…
A SOC analyst is alerted that .kirbi files are being modified on a system. Which hacking tool is likely being used by an adversary on the impacted system? Sqlmap Mimikatz…
What mitigation strategy can an application use to defend against SQL injection attacks? Validate user-supplied input data. Implement security controls that block SQL traffic. Run web applications only on Windows…
Cisco Secure Firewall detects suspicious traffic that exhibits scanning-like behavior that originates from a seldom used printer on the network. Which type of Nmap scan is possibly being detected? TCP…
What is the name of a metasploit payload type that is referred to as an inline payload? Stages Static Stager Singles Explanation & Hint: In Metasploit, an inline payload is…
What is a recommended strategy for defending against PowerShell attacks? Enable all service accounts to mitigate credential theft. Configure logging to exclude account creation or deletion events. Block PowerShell with…
What is the goal of hacktivism? social change ransom DoS phishing Explanation & Hint: The primary goal of hacktivism is "social change." Hacktivism is the act of hacking, or breaking…
What was the target in the Colonial Pipeline ransomware attack? SCADA system Orion software platform Microsoft Exchange PowerShell Explanation & Hint: PowerShell is a task automation and configuration management framework…
What is the purpose of NIST? associations between companies and governments to provide computer emergency response framework of security requirements that global organizations must implement to protect the security and…