71. A security analyst reviews domain activity logs and notices the following:

C. An attacker is attempting to brute force smith's account.

123. A Chief Information Security Officer wants to monitor the company's servers for SQLi attacks and allow for comprehensive investigations if an attack occurs. The company uses SSL decryption to allow traffic monitoring. Which of the following strategies would best accomplish this goal?

D. Enabling full packet capture for traffic entering and exiting the servers

132. Which of the following describes the reason root cause analysis should be conducted as part of incident response?

D. To prevent future incidents of the same nature

148. Which of the following scenarios describes a possible business email compromise attack?

C. A service desk employee receives an email from the HR director asking for log-in credentials to a cloud administrator account.

204. The CIRT is reviewing an incident that involved a human resources recruiter exfiltrating sensitive company data. The CIRT found that the recruiter was able to use HTTP over port 53 to upload documents to a web server. Which of the following security infrastructure devices could have identified and blocked this activity?

B. NGFW utilizing application inspection

271. Which of the following best describes a use case for a DNS sinkhole?

C. A DNS sinkhole can be used to capture traffic to known-malicious domains used by attackers.

282. A security team has been alerted to a flood of incoming emails that have various subject lines and are addressed to multiple email inboxes. Each email contains a URL shortener link that is redirecting to a dead domain. Which of the following is the best step for the security team to take?

B. Send the dead domain to a DNS sinkhole.

336. A company tested and validated the effectiveness of network security appliances within the corporate network. The IDS detected a high rate of SQL injection attacks against the company's servers, and the company's perimeter firewall is at capacity. Which of the following would be the best action to maintain security and reduce the traffic to the perimeter firewall?

A. Set the appliance to IPS mode and place it in front of the company firewall.

SYO 701 SOC - SIEM - INCIDENT RESPONSE Module FC

Flashcard

•

Computers

•

University

•

Practice Problem

•

Hard

Oak Academy

FREE Resource

Student preview

102 questions

Show all answers

FLASHCARD QUESTION

Front

4. A company is planning to set up a SIEM system and assign an analyst to review the logs on a weekly basis. Which of the following types of controls is the company setting up?

Back

C. Detective

FLASHCARD QUESTION

Front

8. A security analyst locates a potentially malicious video file on a server and needs to identify both the creation date and the file's creator. Which of the following actions would most likely give the security analyst the information required?

Back

D. Query the file's metadata

FLASHCARD QUESTION

Front

12. A company's public-facing website, https://www.organization.com, has an IP address of 166.18.75.6. However, over the past hour the SOC has received reports of the site's homepage displaying incorrect information. A quick nslookup search shows https://www.organization.com is pointing to 151.191.122.115. Which of the following is occurring?

Back

C. DNS spoofing

FLASHCARD QUESTION

Front

14. A security manager created new documentation to use in response to various types of security incidents. Which of the following is the next step the manager should take?

Back

D. Conduct a tabletop exercise with the team.

FLASHCARD QUESTION

Front

15. A company's end users are reporting that they are unable to reach external websites. After reviewing the performance data for the DNS severs, the analyst discovers that the CPU, disk, and memory usage are minimal, but the network interface is flooded with inbound traffic. Network logs show only a small number of DNS queries sent to this server. Which of the following best describes what the security analyst is seeing?

Back

D. Reflected denial of service

FLASHCARD QUESTION

Front

46. During an investigation, an incident response team attempts to understand the source of an incident. Which of the following incident response activities describes this process?

Back

A. Analysis

FLASHCARD QUESTION

Front

48. Which of the following incident response activities ensures evidence is properly handied?

Back

B. Chain of custody

Access all questions and much more by creating a free account

Create resources

Host any resource

Get auto-graded reports

Continue with Google

Continue with Email

Continue with Classlink

Continue with Clever

or continue with

Microsoft

Apple

Others

Already have an account?

Similar Resources on Wayground

95 questions

Understanding Culture, Society, and Politics

Flashcard

•

11th Grade

100 questions

Vocabulario en Español

Flashcard

•

10th Grade

117 questions

Comunicación Oral y Escrita

Flashcard

•

12th Grade

71 questions

English-Vietnamese Vocabulary Flashcards

Flashcard

•

University

111 questions

Getaran dan Gelombang

Flashcard

•

7th Grade

67 questions

Path and Factor Analysis

Flashcard

•

University

64 questions

Japanese Language and Contextual Understanding

Flashcard

•

11th Grade

64 questions

Vocabulary Flashcards

Flashcard

•

10th Grade

Popular Resources on Wayground

15 questions

Fractions on a Number Line

Quiz

•

3rd Grade

10 questions

Probability Practice

Quiz

•

4th Grade

15 questions

Probability on Number LIne

Quiz

•

4th Grade

20 questions

Equivalent Fractions

Quiz

•

3rd Grade

25 questions

Multiplication Facts

Quiz

•

5th Grade

$fractions$

22 questions

fractions

Quiz

•

3rd Grade

6 questions

Appropriate Chromebook Usage

Lesson

•

7th Grade

10 questions

Greek Bases tele and phon

Quiz

•

6th - 8th Grade

Discover more resources for Computers

12 questions

IREAD Week 4 - Review

Quiz

•

3rd Grade - University

20 questions

Endocrine System

Quiz

•

University

7 questions

Renewable and Nonrenewable Resources

Interactive video

•

4th Grade - University

30 questions

W25: PSYCH 250 - Exam 2 Practice

Quiz

•

University

5 questions

Inherited and Acquired Traits of Animals

Interactive video

•

4th Grade - University

20 questions

Implicit vs. Explicit

Quiz

•

6th Grade - University

7 questions

Comparing Fractions

Interactive video

•

1st Grade - University

38 questions

Unit 8 Review - Absolutism & Revolution

Quiz

•

10th Grade - University