Which of the following attack can be eradicated by filtering improper XML syntax?
Which of the following attack can be eradicated by filtering improper XML syntax? A. CAPTCHA Attacks B. SQL Injection Attacks C. Insufficient Logging and Monitoring Attacks D. Web Services Attacks
Which of the following Windows features is used to enable Security Auditing in Windows?
Which of the following Windows features is used to enable Security Auditing in Windows? A. Bitlocker B. Windows Firewall C. Local Group Policy Editor D. Windows Defender Reference: https://resources.infosecinstitute.com/topic/how-to-audit-windows-10-application-logs/
Which of the following is a report writing tool that will help incident handlers to generate efficient reports
Which of the following is a report writing tool that will help incident handlers to generate efficient reports on detected incidents during incident response process? A. threat_note B. MagicTree C. IntelMQ D. Malstrom
What is the process of monitoring and capturing all data packets passing through a given network using differe
What is the process of monitoring and capturing all data packets passing through a given network using different tools? A. Network Scanning B. DNS Footprinting C. Network Sniffing D. Port Scanning Reference: https://www.greycampus.com/opencampus/ethical-hacking/sniffing-and-its-types
What kind of SIEM deployment architecture the organization is planning to implement?
An organization is implementing and deploying the SIEM with following capabilities. What kind of SIEM deployment architecture the organization is planning to implement? A. Cloud, MSSP Managed B. Self-hosted, Jointly Managed C. Self-hosted, Self-Managed D. Self-hosted, MSSP Managed
What does this indicate?
Juliea a SOC analyst, while monitoring logs, noticed large TXT, NULL payloads. What does this indicate? A. Concurrent VPN Connections Attempt B. DNS Exfiltration Attempt C. Covering Tracks Attempt D. DHCP Starvation Attempt Reference: https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&ved=2ahUKEwj8gZaKq_PuAhWGi1wKHfQTC0oQFjAAegQIARAD&url=https%3A%2F%2Fconf.splunk.com%2Fsession%2F2014%2Fconf2014_FredWilmotSanfordOwings_Splunk_Security.pdf&usg=AOvVaw3ZLfzGqM-VUG7xKtze67ac
Which of the following formula is used to calculate the EPS of the organization?
Which of the following formula is used to calculate the EPS of the organization? A. EPS = average number of correlated events / time in seconds B. EPS = number of normalized events / time in seconds C. EPS = number of security events / time in seconds D. EPS = number of correlated events […]
Which of the following technique involves scanning the headers of IP packets leaving a network to make sure th
Which of the following technique involves scanning the headers of IP packets leaving a network to make sure that the unauthorized or malicious traffic never leaves the internal network? A. Egress Filtering B. Throttling C. Rate Limiting D. Ingress Filtering Reference: https://grokdesigns.com/wp-content/uploads/2018/04/CEH-v9-Notes.pdf (99)
Which of the following command is used to view iptables logs on Ubuntu and Debian distributions?
Which of the following command is used to view iptables logs on Ubuntu and Debian distributions? A. $ tailf /var/log/sys/kern.log B. $ tailf /var/log/kern.log C. # tailf /var/log/messages D. # tailf /var/log/sys/messages Reference: https://tecadmin.net/enable-logging-in-iptables-on-linux/
According to the Risk Matrix table, what will be the risk level when the probability of an attack is very low
According to the Risk Matrix table, what will be the risk level when the probability of an attack is very low and the impact of that attack is major? A. High B. Extreme C. Low D. Medium Reference: https://www.moheri.gov.om/userupload/Policy/IT%20Risk%20Management%20Framework.pdf (17)