
CompTIA Security+ Understanding Monitoring and Auditing
Authored by J. Hines
Computers
Professional Development
30 questions
1.
MULTIPLE CHOICE QUESTION
30 sec • 1 pt
A security analyst is reviewing a log file that shows multiple failed login attempts to a server within a short period of time. Which monitoring technique would be most effective in identifying the source of these attempts?
Intrusion Detection System (IDS)
Intrusion Prevention System (IPS)
Security Information and Event Management (SIEM)
Network Traffic Analyzer
Packet Capture and Analysis
2.
MULTIPLE CHOICE QUESTION
30 sec • 1 pt
Which of the following methods is commonly used to detect unauthorized changes to critical system files?
Data loss prevention
File integrity monitoring
Port scanning
Network intrusion detection
Vulnerability scanning
3.
MULTIPLE CHOICE QUESTION
30 sec • 1 pt
Which of the following is a key characteristic of a continuous monitoring strategy?
Periodic review of audit logs
Retention of log files for 1 year
Manual review of incidents
Real-time monitoring
Conducting periodic assessments
4.
MULTIPLE CHOICE QUESTION
30 sec • 1 pt
A security administrator is configuring a SIEM solution to monitor the network for possible security incidents. Which of the following should be the primary focus when defining correlation rules for the SIEM solution?
Incident response procedures
Network traffic analysis
Network architecture diagrams
Regulatory compliance requirements
Security policies and procedures
5.
MULTIPLE CHOICE QUESTION
30 sec • 1 pt
Which of the following is an auditing technique that focuses on the identification of vulnerabilities in a system by simulating an attack?
Vulnerability scanning
Port scanning
Penetration testing
Log file analysis
Security Information and Event Management (SIEM)
6.
MULTIPLE CHOICE QUESTION
30 sec • 1 pt
Which of the following is an example of an activity that can be monitored using a Network Intrusion Detection System (NIDS)?
Application performance issues
System downtime incidents
Failed login attempts
Unauthorized access attempts
Firewall rule changes
7.
MULTIPLE CHOICE QUESTION
30 sec • 1 pt
A security administrator wants to monitor suspicious network traffic and detect any potentially malicious activities. Which of the following tools would be the most appropriate for this purpose?
Security Information and Event Management (SIEM)
Digital certificate authority
Firewall logs analysis
Intrusion Detection System (IDS)
Penetration testing tool