Week 4

What tool is designed to capture and analyze data traffic within a network? - security information and event management (SIEM) - Structured Query Language (SQL) - network protocol analyzer (packet sniffer) - playbook

A packet sniffer, also known as a network protocol analyzer, is a tool designed to capture and analyze data traffic within a network.

Fill in the blank: A _____ is a manual that details operational actions. - checklist - playbook - directory - case history

A playbook is a manual that provides details about operational actions. Playbooks provide guidance when handling a security incident before, during, and after it has occurred.

Programming:

A process that can be used to create a specific set of instructions for a computer to execute tasks

SQL (Structured Query Language):

A programming language used to create, interact with, and request information from a database

Log:

A record of events that occur within an organization's systems

Order of volatility:

A sequence outlining the order of data that must be preserved from first to last

Antivirus software:

A software program used to prevent, detect, and eliminate malware and viruses

Data point:

A specific piece of information

Network protocol analyzer (packet sniffer):

A tool designed to capture and analyze data traffic within a network

Security information and event management (SIEM):

An application that collects and analyzes log data to monitor critical activities in an organization

Intrusion detection system (IDS):

An application that monitors system activity and alerts on possible intrusions

Linux:

An open-source operating system

Database:

An organized collection of information or data

What is programming typically used for? Select two answers. Enable open-source operations Complete repetitive tasks and processes Record events that occur within an organization's systems Create a specific set of instructions for a computer to execute tasks

Complete repetitive tasks and processes Create a specific set of instructions for a computer to execute tasks

What can cybersecurity professionals use logs for? - To research and optimize processing capabilities within a network - To identify vulnerabilities and potential security breaches - To collect and analyze data to monitor critical activities in an organization - To select which security team members will respond to an incident

Cybersecurity professionals can use logs to identify vulnerabilities, potential security breaches, and other potential security incidents.

What type of tool uses dashboards to organize data into categories and allows analysts to identify potential security incidents as they happen? - SIEM - Python - Linux - network protocol analyzers (packet sniffers)

SIEM tools use dashboards to organize data into categories and allow analysts to identify potential security incidents, such as breaches, as they happen.

What do security professionals use to interact with and request information from a database? Python Structured Query Language (SQL) Linux Confidentiality, integrity, availability (CIA) triad

Structured Query Language (SQL)

Protecting and preserving evidence:

The process of properly working with fragile and volatile digital evidence

A playbook is a manual that provides details about how to respond to an incident only after it has occurred. True False

false

Fill in the blank: Linux is an open-source _____ that can be used to examine logs. programming language operating system database algorithm

operating system