Which action should be taken if the system is overwhelmed with alerts when false positives and false negatives are compared?

• A.Adjust the alerts schedule.
• B.Modify the settings of the intrusion detection system.
• C.Redefine signature rules.
• D.Design criteria for reviewing alerts.

Comment: *

Name: *

Email: *

Verification: *

Which system monitors local system operation and local network access for violations of a security policy?

• A.host-based intrusion detection
• B.systems-based sandboxing
• C.host-based firewall
• D.antivirus

Comment: *

Name: *

Email: *

Verification: *

An investigator is examining a copy of an ISO file that is stored in CDFS format. What type of evidence is this file?

• A.data from a DVD copied using Windows system
• B.data from a CD copied using Windows
• C.data from a CD copied using Linux system
• D.data from a CD copied using Mac-based system

Comment: *

Name: *

Email: *

Verification: *

Which utility blocks a host portscan?

• A.sandboxing
• B.antimalware
• C.host-based firewall
• D.HIDS

Comment: *

Name: *

Email: *

Verification: *

Drag and drop the security concept from the left onto the example of that concept on the right.

Correct Answer:

Explanation

Table Description automatically generated

Comment: *

Name: *

Email: *

Verification: *