Match the common network technology or protocol with the description. (Not all options are used.)

CyberOps Associate (Version 1.0) - CyberOps Associate 1.0 Final exam Answers 021
CyberOps Associate (Version 1.0) – CyberOps Associate 1.0 Final exam Answers 021
Explanation & Hint:

  1. NTP (Network Time Protocol): “uses a hierarchy of authoritative time sources to send time information between devices on the network.” NTP is designed to synchronize the clocks of computers over a network.
  2. Syslog: “uses UDP port 514 for logging event messages from network devices and endpoints.” Syslog is a standard for message logging and often uses UDP port 514.
  3. ICMP (Internet Control Message Protocol): “used by attackers to identify hosts on a network and the structure of the network.” ICMP is used for diagnostic and control purposes, such as the ping command, but can also be utilized by attackers for network scanning.
  4. DNS (Domain Name System): “used by attackers to exfiltrate data in traffic disguised as normal client queries.” While DNS is actually a system that translates domain names to IP addresses, attackers can misuse DNS queries to covertly move data out of a compromised system because DNS traffic is often allowed through firewalls.

For more Questions and Answers:

CyberOps Associate 1.0 & CA 1.02 Final Exam Answers Full 100%