What are the three core functions provided by the Security Onion? (Choose three.)
Explanation: Security Onion is an open source suite of Network Security Monitoring (NSM) tools for evaluating cybersecurity…
A system administrator runs a file scan utility on a Windows PC and notices a file lsass.exe in the Program Files directory. What should the administrator do?
Explanation: On Windows…
What is a key difference between the data captured by NetFlow and data captured by Wireshark?
Explanation: Wireshark captures the entire contents of a packet. NetFlow does not. Instead, NetFlow…
Which two services are provided by the NetFlow tool? (Choose two.)
Explanation: NetFlow efficiently provides an important set of services for IP applications including network traffic accounting, usage-based network billing,…
How does a web proxy device provide data loss prevention (DLP) for an enterprise?
Explanation: A web proxy device can inspect outgoing traffic as a means of data loss prevention (DLP).…
Which Cisco appliance can be used to filter network traffic contents to report and deny traffic based on the web server reputation?
Explanation: The Cisco Web Security Appliance (WSA) acts…
Which technique is necessary to ensure a private transfer of data using a VPN?
Explanation: Confidential and secure transfers of data with VPNs require data encryption.
What is the purpose of Tor?
Explanation: Tor is a software platform and network of peer-to-peer (P2P) hosts that function as routers. Users access the Tor network by using a…
Which technique would a threat actor use to disguise traces of an ongoing exploit?
Explanation: The Network Time Protocol (NTP) uses a hierarchy of time sources to provide a consistent…
Which type of attack is carried out by threat actors against a network to determine which IP addresses, protocols, and ports are allowed by ACLs?
Explanation: Packet filtering ACLs use rules to filter incoming and outgoing traffic. These rules are defined by specifying IP addresses, port numbers, and protocols to be matched. Threat actors can…