A cybersecurity analyst is going to verify security alerts using the Security Onion. Which tool should the analyst visit first?

Oct 22, 2020 Last Updated: Oct 27, 2020 No Comments
Tweet Share Pin it
IT Questions BankCategory: CCNA CyberOpsA cybersecurity analyst is going to verify security alerts using the Security Onion. Which tool should the analyst visit first?

A cybersecurity analyst is going to verify security alerts using the Security Onion. Which tool should the analyst visit first?

  • Bro
  • Sguil
  • CapME
  • ELK

Explanation: The primary duty of a cybersecurity analyst is the verification of security alerts. In the Security Onion, the first place that a cybersecurity analyst will go to verify alerts is Sguil because it provides a high-level console for investigating security alerts from a wide variety of sources.

Exam with this question: Modules 26 – 28: Analyzing Security Data Group Exam
Exam with this question: CCNA Cyber Ops Chapter 12 Exam Answers


guest

0 Comments
Inline Feedbacks
View all comments
0
Would love your thoughts, please comment.x