uCertify Ch 12 Cysa

Pataasin ang iyong marka sa homework at exams ngayon gamit ang Quizwiz!

Betty works as a security administrator at XYZ Inc. Her network is being flooded by ICMP packets. She observes that these packets came from multiple different IP addresses. Which type of attack can be the result of such a situation?

DDoS

What type of network information should you capture to be able to provide a report about how much traffic systems in your network sent to remote systems?

Flow Data

Danielle works as a data analyst in an organization. As part of her job, she sets an alarm to notify her team via an email if her Windows server uses 80 percent of its memory and to send a text message if it reaches 90 percent utilization. Which of the following options represents the task performed by Danielle in the given scenario?

Monitoring threshold

Which of the following technologies is suited to prevent wired rogue devices from connecting to a network?

NAC

Which utility will you use to connect and directly interact with a service?

Netcat

Alex has access to a full suite of network monitoring tools and wants to use appropriate tools to monitor network bandwidth consumption. Which of the following is a common method of monitoring network bandwidth usage?

Packet sniffing Flow SNMP

Which of the following monitoring methods relies on acquiring data about a network as traffic flows through a location on a network link?

Passive Monitoring

Which of the following three options are most likely to be used to handle a memory leak?

Patching, service restarts, and system reboots

Which Windows tool provides detailed information including information about USB host controllers, memory usage, and disk transfers?

Perfmon

Chris works as a network administrator in an organization. He wants to use an active monitoring approach to test his network. Which of the following techniques is appropriate for Chris to test the network in the given scenario?

Pinging remote systems

Adam is performing an internal security assessment and wants to identify services running on servers. Which of the following will he use to identify services available on servers?

Post scan

A security administrator wants to manage both local and remote hosts together on a Windows system. Which of the following can a security administrator use to accomplish the given task?

PowerShell

Which of the following is unauthorized equipment that is attached to a network or assets which create a side channel for an attack?

Rouge Hardware

Monica, a security administrator, wants to use a tool that will aggregate log and event data from the virtual and real networks, applications, and systems and also provides real-time reporting and alerting on information or events that may require intervention or other types of response. Which tool should she use in the given scenario?

SIEM

Sofia works as a security analyst in an organization. She suspects that a system in her datacenter may be sending beaconing traffic to a remote system. Which of the following is not a useful tool to verify Sofia's suspicions about sending traffic in a given scenario?

SNMP

What are SNMP alert messages called?

SNMP traps

Sam needs to deploy a tool that includes resources and utilities to manage, diagnose, troubleshoot, and monitor a Microsoft Windows environment. Which tool should Sam use?

Sysinternals

Susan works as a network administrator in an organization. While observing a router via network flows, she sees a sudden drop in network traffic levels to zero and the traffic chart shows a flat line. What has likely happened in the given scenario?

The Monitor link failed

Brian works in an XYZ organization. His network suddenly stops working at 8:40 AM, interrupting video conferences, streaming, and other services throughout his organization, and then resumes functioning. When Brian logs into his Paessler Router Traffic Grapher (PRTG) console and checks his router's traffic via the primary connection's redundant network link, he sees the following graph. What should Brian presume occurred based on the given information shown in figure A?

The primary link went down and he should check the secondary link for traffic.

Juan works as a network administrator in an organization. He wants to see a list of processes along with their CPU utilization in an interactive format. Which of the following built-in Linux commands should he use to accomplish his task in the given scenario?

Top

Rex, a security administrator, wants to identify irregular or unexpected behavior in network traffic communication patterns. Which of the following security analysis techniques should he perform?

Traffic Analysis

Lauren finds that the version of Java installed on her organization's web server has been replaced. Which type of issue has taken place on an organization's web server?

Unauthorized Change

Which of the following options is not a valid way to check the status of a service in Windows?

Use service --status at the command line

Alex works as an application developer in an organization. He wants to prohibit software that is not expressly allowed by his organization's desktop management team from being installed on workstations. Which type of tool should Alex use to accomplish his task in the given scenario?

Whitelisting

Which of the following Linux commands will show a user how much disk space is in use?

df

Which of the following commands is not useful for monitoring memory usage in Linux?

df

A user wants to detect a denial-of-service attack against his web server. Which of the following tools should the user AVOID?

iPerf

Which form of monitoring involves the injection of packets into communications to measure the performance of various elements in a network?

Active

Cynthia wants to build scripts to detect malware beaconing behavior. Which of the following is not a means of identifying malware beaconing behavior for building scripts on a network?

Beacon Protocol

Avika works as a network administrator in an organization. She has been asked to identify unexpected traffic on her organization's network. Which of the following is not a technique that she should use to accomplish her task in the given scenario?

Beaconing

Which of the following is an activity sent to a command and control (C&C) system as part of a botnet or a malware remote control system?

Beaconing

Which of the following terms describes a system sending heartbeat traffic to a botnet command and a control server?

Beaconing

Sayed works as a data analyst in an organization. He manages Windows workstations and is planning to prohibit a variety of files, including games, from being installed on these workstations. Which of the following tools or applications can allow Sayed to achieve his task in the given scenario?

Blacklisting

What does the MAC address of a rogue device tells a user?

Manufacturer of the device

Which of the following tools does NOT provide real time drive capacity monitoring for Windows?

Microsoft Endpoint Configuration Manager


Kaugnay na mga set ng pag-aaral

Homeostasis - NSC 3361.HN1 - Introduction To Neuroscience - S24

View Set

William Howard Taft's presidency

View Set

FIN 3403 - Chapter 12 Review (unfinished)

View Set

Module 5: Attacking Access Controls

View Set