Cameron wants to check if a file matches a known-good original. What technique can he use to do so?

Hash both the file and the original and compare the hashes.

Check the file size and creation date.

Decrypt both the file and the original to compare them.

Use strings to compare the file content.

How can Jim most effectively locate a wireless rogue access point (AP) that is causing complaints from employees in his building?

Signal strength and triangulation

Laura wants to review headers in an email that one of her staff is suspicious of. What should she not have that person do if she wants to preserve the headers?

She shouldn't have them forward the email to her.

She shouldn't have them download the email.

She shouldn't have them print the email.

She shouldn't have them reply to the email.

Jacob discovers that systems in his data center have begun to connect to each other via SSH at regular intervals. Which of the following indicators of potentially malicious activity best matches this type of behavior?

Irregular peer-to-peer communication

Which of the following is a key differentiator between a SIEM and a SOAR?

A SOAR provides automated response capabilities.

A SOAR does not provide log aggregation.

A SIEM does not provide a dashboard.

Nick believes that the system he is investigating may be running crypto-mining malware. Which of the following indicators of compromise is most likely to be useful in identifying other systems that may have similar malicious processes?

Irregular peer-to-peer communication

uC 003 Malicious Activity

Authored by Jose Manuel Rios

Computers

University

AI Actions

Add similar questions

Adjust reading levels

Convert to real-world scenario

Translate activity

More...

Content View

Student View

48 questions

Show all answers

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Nick wants to analyze a potentially malicious software package using an open-source, locally hosted tool. Which of the following tools is best suited to his need if he wants to run the tool as part of the process?

Cuckoo Sandbox

SIEM

EDR

VirusTotal

Answer explanation

Automated malware analysis with Cuckoo Sandbox

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Cynthia wants to build scripts to detect malware beaconing behavior. Which of the following is not a means of identifying malware beaconing behavior for building scripts on a network?

Beaconing interval

Removal of known traffic

Beacon protocol

Persistence of the beaconing

Answer explanation

A beacon protocol is not a means of identifying malware beaconing behavior for building scripts on a network. Unless Cynthia already knows the protocol that a particular beacon uses, filtering out beacons by protocol may cause her to miss beaconing behavior. Attackers want to dodge common analytical tools and will use protocols that are less likely to attract attention.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Henry wants to identify potentially unauthorized scheduled tasks on a Linux system. What Linux command is most useful to identify scheduled tasks?

cron

chmod

Answer explanation

The cron command is used to set, view, and maintain scheduled tasks in Linux. Scheduled tasks, or cron jobs in Linux, are also a popular method for attackers to maintain persistent access to systems. Checking for unexpected scheduled tasks (or cron jobs) is a common part of incident response processes.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Angela wants to search for rogue devices on her network. Which of the following techniques will best help her identify systems if she has a complete hardware and systems inventory?

Traffic analysis for unexpected behavior

MAC address verification

MAC address vendor checking

Site surveys

Answer explanation

Since Angela already knows the media access control (MAC) addresses of all the devices due to her systems inventory, she can simply search for associated MAC addresses that do not match the list.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Ian wants to provide additional email security for his organization. Which of the following is not used to enhance email security?

DKIM

DMARC

S/PDIF

SPF

Answer explanation

Automated malware analysis with Cuckoo Sandbox

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Which of the following is not a common network issue?

Beaconing

Bandwidth consumption

Unexpected traffic

Link aggregation

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Brian works in an XYZ organization. His network suddenly stops working at 8:40 AM, interrupting video conferences, streaming, and other services throughout his organization, and then resumes functioning. When Brian logs into his Paessler Router Traffic Grapher (PRTG) console and checks his router's traffic via the primary connection's redundant network link, he sees the following graph. What should Brian presume occurred based on the given information shown in Figure A?

The network has failed and is running in cached mode.

PRTG stopped receiving flow information and needs to be restarted.

The primary link had gone down and he should check the secondary link for traffic.

There was a link card failure and the card has recovered.

Answer explanation

PRTG

Access all questions and much more by creating a free account

Create resources

Host any resource

Get auto-graded reports

Continue with Google

Continue with Email

Continue with Classlink

Continue with Clever

or continue with

Microsoft

Apple

Others

Already have an account?

Similar Resources on Wayground

50 questions

Test

Quiz

•

8th Grade - University

47 questions

Quiz Jaringan Komputer

Quiz

•

9th Grade - University

50 questions

Grade 5 IT Quiz

Quiz

•

5th Grade - University

50 questions

DG Muda (2)

Quiz

•

KG - Professional Dev...

45 questions

Comptia Network+ chapter 1-3 exam

Quiz

•

11th Grade - University

50 questions

TIN HỌC 6 - ÔN TẬP GK1 2425

Quiz

•

6th Grade - University

47 questions

Networking - Practice Test #1

Quiz

•

9th Grade - University

50 questions

KUIS Jaringan Komputer dan Internet

Quiz

•

7th Grade - University

Popular Resources on Wayground

7 questions

History of Valentine's Day

Interactive video

•

4th Grade

15 questions

Fractions on a Number Line

Quiz

•

3rd Grade

20 questions

Equivalent Fractions

Quiz

•

3rd Grade

25 questions

Multiplication Facts

Quiz

•

5th Grade

$fractions$

22 questions

fractions

Quiz

•

3rd Grade

15 questions

Valentine's Day Trivia

Quiz

•

3rd Grade

20 questions

Main Idea and Details

Quiz

•

5th Grade

20 questions

Context Clues

Quiz

•

6th Grade

Discover more resources for Computers

18 questions

Valentines Day Trivia

Quiz

•

3rd Grade - University

12 questions

IREAD Week 4 - Review

Quiz

•

3rd Grade - University

23 questions

Subject Verb Agreement

Quiz

•

9th Grade - University

5 questions

What is Presidents' Day?

Interactive video

•

10th Grade - University

7 questions

Renewable and Nonrenewable Resources

Interactive video

•

4th Grade - University

20 questions

Mardi Gras History

Quiz

•

6th Grade - University

10 questions

The Roaring 20's Crash Course US History

Interactive video

•

11th Grade - University

17 questions

Review9_TEACHER

Quiz

•

University

uC 003 Malicious Activity

Nick wants to analyze a potentially malicious software package using an open-source, locally hosted tool. Which of the following tools is best suited to his need if he wants to run the tool as part of the process?

Automated malware analysis with Cuckoo Sandbox

Cynthia wants to build scripts to detect malware beaconing behavior. Which of the following is not a means of identifying malware beaconing behavior for building scripts on a network?

Henry wants to identify potentially unauthorized scheduled tasks on a Linux system. What Linux command is most useful to identify scheduled tasks?

Angela wants to search for rogue devices on her network. Which of the following techniques will best help her identify systems if she has a complete hardware and systems inventory?

Since Angela already knows the media access control (MAC) addresses of all the devices due to her systems inventory, she can simply search for associated MAC addresses that do not match the list.

Ian wants to provide additional email security for his organization. Which of the following is not used to enhance email security?

Automated malware analysis with Cuckoo Sandbox

Which of the following is not a common network issue?

PRTG

Cameron wants to check if a file matches a known-good original. What technique can he use to do so?

Juan wants to see a list of processes along with their CPU utilization in an interactive format. What built-in Linux tool should he use?

The top command in Linux provides an interactive interface to view central processing unit (CPU) utilization, memory usage, and other details for running processes. df shows the disk usage and tail displays the end of a file.

As part of her job, Danielle sets an alarm to notify her team via email if her Windows server uses 80 percent of its memory and to send a text message if it reaches 90 percent utilization. What is this setting called?

Access all questions and much more by creating a free account

Similar Resources on Wayground

Popular Resources on Wayground

Discover more resources for Computers