Cyber Quiz

A collection of host services that allow for communication between sandboxes

A collection of interfaces that allow for coordination of activities among processes

A collection of network services that are activated on an interface, allowing for inter-port communication.

A collection of rules within the sandbox that prevent the communication between sandboxes

Someone is trying a brute force attack on the network

Another device is gaining root access to the system

The system detected an XSS attack

A privileged user successfully logged into the system

statistical data

alert data

location data

transaction data

NetFlow generates more data than traffic mirroring

NetFlow collects metadata and traffic mirroring clones data

Traffic mirroring costs less to operate than NetFlow

Traffic mirroring impacts switch performance and NetFlow does no

true negative

true positive

false negative

false positive

Inline interrogation enables viewing a copy of traffic to ensure traffic is in compliance with security policies

Tapping interrogation replicates signals to a separate port for analyzing traffic

Inline interrogation detects malicious traffic but does not block the traffic

Tapping interrogations detect and block malicious traffic

true negative

false negative

false positive

true positive

context

firewall logs

laptop

threat actor

session

Analyze the threat

Reduce the probability of similar threats

Recover from the threat

Identify lessons learned from the threat

preparation

containment, eradication, and recovery

detection and analysis

post-incident activity