Where will you find the IP reputation database if you want to monitor traffic from IPs with a known bad reputation using OSSIM SIEM?
A. /etc/ossim/reputation
B. /etc/ossim/siem/server/reputation/data
C. /etc/siem/ossim/server/reputation.data
D. /etc/ossim/server/reputation.data
The Syslog message severity levels are labelled from level 0 to level 7. What does level 0 indicate?
A. Alert
B. Notification
C. Emergency
D. Debugging
Which of the following formulas represents risk?
A. Risk = Likelihood × Severity × Asset Value
B. Risk = Likelihood × Consequence × Severity
C. Risk = Likelihood × Impact × Severity
D. Risk = Likelihood × Impact × Asset Value
Which encoding replaces unusual ASCII characters with “%” followed by the character’s two-digit ASCII code expressed in hexadecimal?
A. Unicode Encoding
B. UTF Encoding
C. Base64 Encoding
D. URL Encoding
Reference: https://ktflash.gitbooks.io/ceh_v9/content/125_countermeasures.html
Identify the attack in which an attacker, through trial and error, can read the contents of a password file in the restricted etc folder just by manipulating the URL in the browser, as shown: http://www.terabytes.com/process.php./../../../../etc/passwd
A. Directory Traversal Attack
B. SQL Injection Attack
C. Denial-of-Service Attack
D. Form Tampering Attack
Reference: https://doc.lagout.org/security/SQL%20Injection%20Attacks%20and%20Defense.pdf
Ray is a SOC analyst in a company named Queens Tech. One day, Queens Tech is affected by a DoS/DDoS attack. For the containment of this incident, Ray and his team are trying to provide additional bandwidth to the network devices and increase the capacity of the servers. What are Ray and his team doing? […]
Which of the following commands is used to enable logging in iptables?
A. $ iptables -B INPUT -j LOG
B. $ iptables -A OUTPUT -j LOG
C. $ iptables -A INPUT -j LOG
D. $ iptables -B OUTPUT -j LOG
Reference: https://tecadmin.net/enable-logging-in-iptables-on-linux/
Which of the following directories will contain logs related to printer access?
A. /var/log/cups/Printer_log file
B. /var/log/cups/access_log file
C. /var/log/cups/accesslog file
D. /var/log/cups/Printeraccess_log file
Which one of the following is the correct flow for setting up a computer forensics lab?
A. Planning and budgeting –> Physical location and structural design considerations –> Work area considerations –> Human resource considerations –> Physical security recommendations –> Forensics lab licensing
B. Planning and budgeting –> Physical location and structural design considerations –> Forensics […]
According to the forensics investigation process, what is the next step carried out right after collecting the evidence?
A. Create a Chain of Custody Document
B. Send it to the nearby police station
C. Set a Forensic lab
D. Call Organizational Disciplinary Team