An engineer discovered a breach, identified the threats entry point, and removed access. The engineer was able to identify the host, the IPaddress of the threat actor, and the application the threat actor targeted. What is the next step the engineer should take according to the NIST SP800-61 Incident handling guide?

Reduce the probability of similar threats

Identify lessons learned from the threat

Which incidence response step includes identifying all hosts affected by an attack?

containment, eradication, and recovery

How does an SSL certificate impact security between the client and the server?

by creating an encrypted channel between the client and the server

by enabling an authenticated channel between the client and the server

by creating an integrated channel between the client and the server

by enabling an authorized channel between the client and the server

Which list identifies the information that the client sends to the server in the negotiation phase of the TLS handshake?

ClientHello, TLS versions it supports, cipher-suites it supports, and suggested compression methods

ClientStart, TLS versions it supports, cipher-suites it supports, and suggested compression methods

ClientHello, ClientKeyExchange, cipher-suites it supports, and suggested compression methods

ClientStart, ClientKeyExchange, cipher-suites it supports, and suggested compression methods

An engineer needs to have visibility on TCP bandwidth usage, response time, and latency, combined with deep packet inspection to identifyunknown software by its network traffic flow. Which two features of Cisco Application Visibility and Control should the engineer use to accomplishthis goal? (Choose two.)

metrics collection and exporting

Cyber Quiz

Professional Development

•

17 Qs

Similar activities

DI (EM24) - Diseño de Contenidos (T8)

University - Professional Development

•

20 Qs

Internet

5th Grade - Professional Development

•

20 Qs

Linux Command Line Quiz

Professional Development

•

14 Qs

Anovision 2022 Round 1

Professional Development

•

16 Qs

Emerging Trends in Cloud Computing!

Professional Development

•

18 Qs

CPA MS-Office Hotkeys Quiz

8th Grade - Professional Development

•

21 Qs

ULANGAN 1 TLJ KELAS XII

KG - Professional Development

•

20 Qs

2k16_Embedded_Module_3

Professional Development

•

20 Qs

Cyber Quiz

Quiz

•

Computers

•

Professional Development

•

Practice Problem

•

Hard

Dove Soap

Used 10+ times

FREE Resource

17 questions

Show all answers

MULTIPLE CHOICE QUESTION

1 min • 1 pt

What is a sandbox interprocess communication service?

A collection of host services that allow for communication between sandboxes

A collection of interfaces that allow for coordination of activities among processes

A collection of network services that are activated on an interface, allowing for inter-port communication.

A collection of rules within the sandbox that prevent the communication between sandboxes

MULTIPLE CHOICE QUESTION

1 min • 1 pt

What causes events on a Windows system to show Event Code 4625 in the log messages?

Someone is trying a brute force attack on the network

Another device is gaining root access to the system

The system detected an XSS attack

A privileged user successfully logged into the system

MULTIPLE CHOICE QUESTION

1 min • 1 pt

Which type of data consists of connection level, application-specific records generated from network traffic?

statistical data

alert data

location data

transaction data

MULTIPLE CHOICE QUESTION

1 min • 1 pt

How is NetFlow different from traffic mirroring?

NetFlow generates more data than traffic mirroring

NetFlow collects metadata and traffic mirroring clones data

Traffic mirroring costs less to operate than NetFlow

Traffic mirroring impacts switch performance and NetFlow does no

MULTIPLE CHOICE QUESTION

1 min • 1 pt

An analyst discovers that a legitimate security alert has been dismissed.Which signature caused this impact on the network traffic?

true negative

true positive

false negative

false positive

MULTIPLE CHOICE QUESTION

3 mins • 1 pt

What should a security analyst consider when comparing inline traffic interrogation with traffic tapping to determine which approach to use in thenetwork?

Inline interrogation enables viewing a copy of traffic to ensure traffic is in compliance with security policies

Tapping interrogation replicates signals to a separate port for analyzing traffic

Inline interrogation detects malicious traffic but does not block the traffic

Tapping interrogations detect and block malicious traffic

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Which signature impacts network traffic by causing legitimate traffic to be blocked?

true negative

false negative

false positive

true positive

Access all questions and much more by creating a free account

Create resources

Host any resource

Get auto-graded reports

Continue with Google

Continue with Email

Continue with Classlink

Continue with Clever

or continue with

Microsoft

Apple

Others

Already have an account?

Similar Resources on Wayground

15 questions

Telco Practice Test 1

Quiz

•

Professional Development

15 questions

Technical Training

Quiz

•

Professional Development

14 questions

Scratch Implementação

Quiz

•

Professional Development

16 questions

Cyber Resilience Training

Quiz

•

Professional Development

12 questions

Vocaloid Quiz

Quiz

•

5th Grade - Professio...

13 questions

Administration Windows 2 - Server

Quiz

•

Professional Development

12 questions

DECI - Week 9 - round

Quiz

•

Professional Development

12 questions

Deci- Session 1- Time Machine

Quiz

•

Professional Development

Popular Resources on Wayground

7 questions

History of Valentine's Day

Interactive video

•

4th Grade

15 questions

Fractions on a Number Line

Quiz

•

3rd Grade

20 questions

Equivalent Fractions

Quiz

•

3rd Grade

25 questions

Multiplication Facts

Quiz

•

5th Grade

$fractions$

22 questions

fractions

Quiz

•

3rd Grade

15 questions

Valentine's Day Trivia

Quiz

•

3rd Grade

20 questions

Main Idea and Details

Quiz

•

5th Grade

20 questions

Context Clues

Quiz

•

6th Grade

Discover more resources for Computers

44 questions

Would you rather...

Quiz

•

Professional Development

20 questions

Black History Month Trivia Game #1

Quiz

•

Professional Development

12 questions

Mardi Gras Trivia

Quiz

•

Professional Development

14 questions

Valentine's Day Trivia!

Quiz

•

Professional Development

7 questions

Copy of G5_U5_L14_22-23

Lesson

•

KG - Professional Dev...

16 questions

Parallel, Perpendicular, and Intersecting Lines

Quiz

•

KG - Professional Dev...

11 questions

NFL Football logos

Quiz

•

KG - Professional Dev...

12 questions

Valentines Day Trivia

Quiz

•

Professional Development

Cyber Quiz

17 questions

What is a sandbox interprocess communication service?

What causes events on a Windows system to show Event Code 4625 in the log messages?

Which type of data consists of connection level, application-specific records generated from network traffic?

How is NetFlow different from traffic mirroring?

An analyst discovers that a legitimate security alert has been dismissed.Which signature caused this impact on the network traffic?

What should a security analyst consider when comparing inline traffic interrogation with traffic tapping to determine which approach to use in thenetwork?

Which signature impacts network traffic by causing legitimate traffic to be blocked?

Which two elements are assets in the role of attribution in an investigation? (Choose two.)

Which incidence response step includes identifying all hosts affected by an attack?

Access all questions and much more by creating a free account

Similar Resources on Wayground

Popular Resources on Wayground

Discover more resources for Computers