True or False? A benign event should trigger an alert.
Explanation: A benign event should not trigger an alert.
Which type of alert is it when an alert is received, and an exploit has been verified?
true positive, true negative, false positive, false negative
Which type of incident has occurred when nothing is reported, but an exploit has occurred?
Explanation: A false negative occurs when no incident is reported, but an exploit has occurred.
Which type of alert has happened when an alert is received, but no incident has occurred?
Explanation: A false positive happens when an alert is received, but no incident has occurred.
Which type of alert would have no incident reported and no incident has occurred?
Explanation: A true negative occurs when no incidents are reported and no incidents have occurred.
Which statement describes an operational characteristic of NetFlow?
Explanation: NetFlow does not capture the entire contents of a packet. Instead, NetFlow collects metadata, or data about the flow, not the flow data itself. NetFlow information can be viewed…
What is a feature of the tcpdump tool?
Explanation: The tcpdump command line tool is a packet analyzer that captures detailed packet protocol and content data. It can display packet captures in real time or write them to…
In a Cisco AVC system, in which module is NBAR2 deployed?
Explanation: AVC uses Cisco Next-Generation Network-Based Application Recognition (NBAR2) to discover and classify the applications in use on the network.
What are two popular SIEM platforms? (Choose two.)
Explanation: Security Information and Event Management (SIEM) is a technology that provides real-time reporting and long-term analysis of security events. Two SIEM platforms used by organizations are Splunk and Security…
Which type of security data can be used to describe or predict network behavior?
Explanation: Statistical data is created through the analysis of other forms of network data. Conclusions from these analyses can be used to describe or predict network behavior.