- All Exams Instant Download
Which application protocol is in this PCAP file?
Refer to the exhibit. Which application protocol is in this PCAP file?A . TCPB . SSHC . HTTPD . SSLView AnswerAnswer: D
Which option allows a file to be extracted from a TCP stream within Wireshark?
Which option allows a file to be extracted from a TCP stream within Wireshark?A . File > Export ObjectsB . Analyze > ExtractC . Tools > Export > TCPD . View > ExtractView AnswerAnswer: A
Which category does this event fall under as defined in the Diamond Model of Intrusion?
You see confidential data being exfiltrated to an IP address that is attributed to a known Advanced Persistent Threat group. Assume that this is part of a real attach and not a network misconfiguration. Which category does this event fall under as defined in the Diamond Model of Intrusion?A ....
Which type verification typically consists of using tools to compute the message digest of the original and copies data, then comparing the digests to make sure that they are the same?
Which type verification typically consists of using tools to compute the message digest of the original and copies data, then comparing the digests to make sure that they are the same?A . evidence collection orderB . data integrityC . data preservationD . volatile data collectionView AnswerAnswer: B
Which of the following are the three metrics, or "scores," of the Common Vulnerability Scoring System (CVSS)? (Select all that apply.)
Which of the following are the three metrics, or "scores," of the Common Vulnerability Scoring System (CVSS)? (Select all that apply.)A . Baseline scoreB . Base scoreC . Environmental scoreD . Temporal scoreView AnswerAnswer: BCD
Which element is part of an incident response plan?
Which element is part of an incident response plan?A . organizational approach to incident responseB . organizational approach to securityC . disaster recoveryD . backupsView AnswerAnswer: A
What is this called?
In Microsoft Windows, as files are deleted the space they were allocated eventually is considered available for use by other files. This creates alternating used and unused areas of various sizes. What is this called?A . network file storingB . free space fragmentationC . alternate data streamingD . defragmentationView AnswerAnswer:...
Which category as defined in the Diamond Model of Intrusion does this activity fall under?
A user on your network receives an email in their mailbox that contains a malicious attachment. There is no indication that the file was run. Which category as defined in the Diamond Model of Intrusion does this activity fall under?A . reconnaissanceB . weaponizationC . deliveryD . installationView AnswerAnswer: C
Which of the following is not an example of weaponization?
Which of the following is not an example of weaponization?A . Connecting to a command and control serverB . Wrapping software with a RATC . Creating a backdoor in an applicationD . Developing an automated script to inject commands on a USB deviceView AnswerAnswer: A
Which two potions are the primary 5-tuple components? (Choose two)
Which two potions are the primary 5-tuple components? (Choose two)A . destination IP addressB . header lengthC . sequence numberD . checksumE . source IP addressView AnswerAnswer: A, E,
