Cybersecurity Operations
Indicators of compromise are evidence of what occurence?
An attack
A network security specialist is tasked to implement a security measure that monitors the status of critical files in the data center and sends an immediate alert if any file is modified. Which aspect of secure communications is addressed by this security measure?
Data Integrity
Traceroute uses what protocol to send and receive echo-request and echo-reply messages
ICMP (Internet Control Message Protocol)
IOCs can involve:
Identifying features of malware files, IP addresses of servers that are used in the attack, filenames, and characteristic changes made to end system software
Two attributes of TACACS+ authentication:
- Encryption for all communication - Separate processes for authentication and authorization
Three benefits of using symbolic links over hard links in Linux?
- They can link to a directory - They can link to a file in a different file system - They can show the location of the original file
Sliding window
A TCP mechanism used in congestion avoidance
Wireshark
A network protocol analyzer used to capture network traffic
SPAN
A port mirroring technology supported on Cisco switches that enables the switch to copy frames and forward them to an analysis device
Network tap
Is used to capture traffic for monitoring the network
What files are traffic captured by Wireshark saved in?
PCAP files
ICMPv6 includes four new message types:
Router Advertisement, Neighbor Advertisement, Router Solicitation, and Neighbor Solicitation
If the default gateway is configured incorrectly on the host, what is the impact on communications?
The host can communicate with other hosts on the local network, but is unable to communicate with hosts on remote networks