1. Which two technologies are used in the ELSA tool? (Choose two.)
   - MySQL *
   - CapME
   - Suricata
   - Sphinx Search *
   - Security Onion
2. What is the host-based intrusion detection tool that is integrated into Security Onion?
   - OSSEC *
   - Snort
   - Sguil
   - Wireshark
3. According to NIST, which step in the …
1. Which statement describes the tcpdump tool?
   - It is a command line packet analyzer.
   - It is used to control multiple TCP-based applications.
   - It accepts and analyzes data captured by Wireshark.
   - It can be used to analyze network log data in order to describe and predict network behavior.
2. …
1. Which HIDS is an open source product?
   - Tripwire
   - OSSEC *
   - Cisco AMP
   - AlienVault USM
2. In Windows Firewall, when is the Domain profile applied?
   - When the host accesses the Internet
   - When the host checks emails from an enterprise email server
   - When the host is connected to a …
1. If an asymmetric algorithm uses a public key to encrypt data, what is used to decrypt it?
   - DH
   - A private key
   - A digital certificate
   - A different public key
2. Which type of attack does the use of HMACs protect against?
   - DoS
   - DDoS
   - Brute force
   - Man-in-the-middle
3. Which …
1. With the evolution of borderless networks, which vegetable is now used to describe a defense-in-depth approach?
   - Artichoke *
   - Lettuce
   - Onion
   - Cabbage
2. What is a characteristic of a layered defense-in-depth security approach?
   - Three or more devices are used.
   - Routers are replaced with firewalls.
   - When one device fails, …
1. Which technology is a proprietary SIEM system?
   - SNMP agent
   - Splunk *
   - Stealthwatch
   - NetFlow collector
2. Which term is used to describe legitimate traffic that is mistaken for unauthorized traffic by firewalls and IPSs?
   - True positive
   - True negative
   - False positive *
   - False negative
3. Which monitoring technology mirrors …
1. What type of attack uses zombies?
   - Trojan horse
   - SEO poisoning
   - Spear phishing
   - DDoS *
2. What is the best description of Trojan horse malware?
   - It is the most easily detected form of malware.
   - It appears as useful software but hides malicious code. *
   - It is malware that …
1. What specialized network device is responsible for enforcing access control policies between networks?
   - Bridge
   - Switch
   - Firewall
   - IDS
2. What information does an Ethernet switch examine and use to build its address table?
   - Source IP address
   - Destination IP address
   - Source MAC address
   - Destination MAC address
3. Which device …
1. Which message does an IPv4 host use to reply when it receives a DHCPOFFER message from a DHCP server?
   - DHCPACK
   - DHCPREQUEST
   - DHCPDISCOVER
   - DHCPOFFER
2. What OSI layer is responsible for establishing a temporary communication session between two applications and ensuring that transmitted data can be reassembled in …
1. What is the outcome when a Linux administrator enters the man man command?
   - The man man command configures the network interface with a manual address.
   - The man man command provides documentation about the man command. *
   - The man man command provides a list of commands available at …