Cybersecurity Operations

Indicators of compromise are evidence of what occurence?

An attack

A network security specialist is tasked to implement a security measure that monitors the status of critical files in the data center and sends an immediate alert if any file is modified. Which aspect of secure communications is addressed by this security measure?

Data Integrity

Traceroute uses what protocol to send and receive echo-request and echo-reply messages

ICMP (Internet Control Message Protocol)

IOCs can involve:

Identifying features of malware files, IP addresses of servers that are used in the attack, filenames, and characteristic changes made to end system software

Two attributes of TACACS+ authentication:

- Encryption for all communication - Separate processes for authentication and authorization

Three benefits of using symbolic links over hard links in Linux?

- They can link to a directory - They can link to a file in a different file system - They can show the location of the original file

Sliding window

A TCP mechanism used in congestion avoidance

Wireshark

A network protocol analyzer used to capture network traffic

SPAN

A port mirroring technology supported on Cisco switches that enables the switch to copy frames and forward them to an analysis device

Network tap

Is used to capture traffic for monitoring the network

What files are traffic captured by Wireshark saved in?

PCAP files

ICMPv6 includes four new message types:

Router Advertisement, Neighbor Advertisement, Router Solicitation, and Neighbor Solicitation

If the default gateway is configured incorrectly on the host, what is the impact on communications?

The host can communicate with other hosts on the local network, but is unable to communicate with hosts on remote networks