71. A security analyst reviews domain activity logs and notices the following:

C. An attacker is attempting to brute force smith's account.

123. A Chief Information Security Officer wants to monitor the company's servers for SQLi attacks and allow for comprehensive investigations if an attack occurs. The company uses SSL decryption to allow traffic monitoring. Which of the following strategies would best accomplish this goal?

D. Enabling full packet capture for traffic entering and exiting the servers

132. Which of the following describes the reason root cause analysis should be conducted as part of incident response?

D. To prevent future incidents of the same nature

148. Which of the following scenarios describes a possible business email compromise attack?

C. A service desk employee receives an email from the HR director asking for log-in credentials to a cloud administrator account.

204. The CIRT is reviewing an incident that involved a human resources recruiter exfiltrating sensitive company data. The CIRT found that the recruiter was able to use HTTP over port 53 to upload documents to a web server. Which of the following security infrastructure devices could have identified and blocked this activity?

B. NGFW utilizing application inspection

271. Which of the following best describes a use case for a DNS sinkhole?

C. A DNS sinkhole can be used to capture traffic to known-malicious domains used by attackers.

282. A security team has been alerted to a flood of incoming emails that have various subject lines and are addressed to multiple email inboxes. Each email contains a URL shortener link that is redirecting to a dead domain. Which of the following is the best step for the security team to take?

B. Send the dead domain to a DNS sinkhole.

336. A company tested and validated the effectiveness of network security appliances within the corporate network. The IDS detected a high rate of SQL injection attacks against the company's servers, and the company's perimeter firewall is at capacity. Which of the following would be the best action to maintain security and reduce the traffic to the perimeter firewall?

A. Set the appliance to IPS mode and place it in front of the company firewall.

SYO 701 SOC - SIEM - INCIDENT RESPONSE Module FC

Flashcard

•

Computers

•

University

•

Practice Problem

•

Hard

Oak Academy

FREE Resource

Student preview

102 questions

Show all answers

FLASHCARD QUESTION

Front

4. A company is planning to set up a SIEM system and assign an analyst to review the logs on a weekly basis. Which of the following types of controls is the company setting up?

Back

C. Detective

FLASHCARD QUESTION

Front

8. A security analyst locates a potentially malicious video file on a server and needs to identify both the creation date and the file's creator. Which of the following actions would most likely give the security analyst the information required?

Back

D. Query the file's metadata

FLASHCARD QUESTION

Front

12. A company's public-facing website, https://www.organization.com, has an IP address of 166.18.75.6. However, over the past hour the SOC has received reports of the site's homepage displaying incorrect information. A quick nslookup search shows https://www.organization.com is pointing to 151.191.122.115. Which of the following is occurring?

Back

C. DNS spoofing

FLASHCARD QUESTION

Front

14. A security manager created new documentation to use in response to various types of security incidents. Which of the following is the next step the manager should take?

Back

D. Conduct a tabletop exercise with the team.

FLASHCARD QUESTION

Front

15. A company's end users are reporting that they are unable to reach external websites. After reviewing the performance data for the DNS severs, the analyst discovers that the CPU, disk, and memory usage are minimal, but the network interface is flooded with inbound traffic. Network logs show only a small number of DNS queries sent to this server. Which of the following best describes what the security analyst is seeing?

Back

D. Reflected denial of service

FLASHCARD QUESTION

Front

46. During an investigation, an incident response team attempts to understand the source of an incident. Which of the following incident response activities describes this process?

Back

A. Analysis

FLASHCARD QUESTION

Front

48. Which of the following incident response activities ensures evidence is properly handied?

Back

B. Chain of custody

Access all questions and much more by creating a free account

Create resources

Host any resource

Get auto-graded reports

Continue with Google

Continue with Email

Continue with Classlink

Continue with Clever

or continue with

Microsoft

Apple

Others

Already have an account?

Similar Resources on Wayground

73 questions

Korean Vocabulary Flashcards

Flashcard

•

12th Grade

122 questions

Techniques de Vente

Flashcard

•

Professional Development

76 questions

Flashcards sobre el Antiguo Egipto

Flashcard

•

6th Grade

55 questions

Vocab 12th Grade

Flashcard

•

12th Grade

88 questions

Chinese Vocabulary Flashcards (pt 2)

Flashcard

•

University

80 questions

Verilog Basics Flashcard Set

Flashcard

•

University

96 questions

Economic Concepts Flashcards

Flashcard

•

9th Grade

75 questions

Vocabulary Flashcards

Flashcard

•

12th Grade

Popular Resources on Wayground

15 questions

Fractions on a Number Line

Quiz

•

3rd Grade

14 questions

Boundaries & Healthy Relationships

Lesson

•

6th - 8th Grade

13 questions

SMS Cafeteria Expectations Quiz

Quiz

•

6th - 8th Grade

20 questions

Equivalent Fractions

Quiz

•

3rd Grade

25 questions

Multiplication Facts

Quiz

•

5th Grade

12 questions

SMS Restroom Expectations Quiz

Quiz

•

6th - 8th Grade

20 questions

Main Idea and Details

Quiz

•

5th Grade

10 questions

Pi Day Trivia!

Quiz

•

6th - 9th Grade

Discover more resources for Computers

20 questions

Disney Trivia

Quiz

•

University

19 questions

8.I_Review_TEACHER

Quiz

•

University

7 questions

Fragments, Run-ons, and Complete Sentences

Interactive video

•

4th Grade - University

39 questions

Unit 7 Key Terms

Quiz

•

11th Grade - University

14 questions

The Cold War

Quiz

•

KG - University

7 questions

Comparing Fractions

Interactive video

•

1st Grade - University

38 questions

Unit 6 Key Terms

Quiz

•

11th Grade - University

40 questions

Famous Logos

Quiz

•

7th Grade - University