1. Which of the following can carry malware payloads into the network?
- DNS
- HTTPS
- IMAP
- syslog
- SMTP
Explanation: IMAP can carry malware payloads into the network.
2. Which of the following presents challenges to decoding packet captures?
- HTTPS
- DNS
- SMTP
- syslog
- NTP
Explanation: HTTPS presents challenges to decoding packet captures.
3. Which of the following can be used to exfiltrate data hidden in the query messages?
- IMAP
- NTP
- SMTP
- DNS
- syslog
Explanation: DNS can be used to exfiltrate data hidden in the query messages.
4. Time stamps that are provided by which protocol may be corrupted to complicate event correlation?
- syslog
- SMTP
- NTP
- DNS
- HTTPS
Explanation: NTP stamps may be corrupted to complicate event correlation.