Which metric in CVSS indicates an attack that takes a destination bank account number and replaces it with a different bank account number?
A.
integrity
B.
confidentiality
C.
availability
D.
scope
integrity
How is attacking a vulnerability categorized?
A.
action on objectives
B.
delivery
C.
exploitation
D.
insta
exploitation
A security specialist notices 100 HTTP GET and POST requests for multiple pages on the web servers. The agent in the requests contains PHP code that, if executed, creates and
writes to a new PHP file on the webserver. Which event category is described?
A.
reconnaissance
B.
action on objectives
C.
installation
D.
exploitation
installation
Which type of attack occurs when an attacker is successful in eavesdropping on a
conversation between two
IP phones?
A.
known-plaintext
B.
replay
C.
dictionary
D.
man-in-the-middle
man-in-the-middle
What does cyber attribution identity in an investigation?
A.
cause of an attack
B.
exploit of an attack
C.
vulnerabilities exploited
D.
threat actors of an attack
threat actors of an attack
What is the difference between the ACK flag and the RST flag in the NetFlow log session?
A.
The RST flag confirms the beginning of the TCP connection, and the ACK flag responds
when the data for the payload is complete
B.
BT
C.
The RST flag confirms the receipt of the prior segment, and the ACK flag allows for the spontaneous termination of a connection
D.
The ACK flag confirms the receipt of the prior segment, and the RST flag allows for the spontaneous termination of a connection
The ACK flag confirms the receipt of the prior segment, and the RST flag allows for the spontaneous termination of a connection
You have identified a malicious file in a sandbox analysis tool. Which piece of file
information from the analysis
is needed to search for additional downloads of this file by other hosts?
A.
file name
B.
file hash value
C.
file type
D.
file size
file hash value
What is the practice of giving employees only those permissions necessary to perform their specific role within an organization?
A.
least privilege
B.
need to know
C.
integrity validation
D.
due diligence
least privilege
An analyst discovers that a legitimate security alert has been dismissed.
Which signature caused this impact on network traffic?
A.
true negative
B.
false negative
C.
false positive
D.
true positive
false negative
In a SOC environment, what is a vulnerability management metric?
A.
code signing enforcement
B.
full assets scan
C.
internet exposed devices
D.
single factor authentication
single factor authentication
Page 5 out of 19 Pages |
Previous |