An analyst is investigating an incident in a SOC environment.
Which method is used to identify a session from a group of logs?

• A.5-tuple
• B.IP identifier
• C.timestamps
• D.sequence numbers

Comment: *

Name: *

Email: *

Verification: *

An engineer needs to have visibility on TCP bandwidth usage, response time, and latency, combined with deep packet inspection to identify unknown software by its network traffic flow. Which two features of Cisco Application Visibility and Control should the engineer use to accomplish this goal? (Choose two.)

• A.adaptive AVC
• B.application recognition
• C.management and reporting
• D.metrics collection and exporting
• E.traffic filtering

Comment: *

Name: *

Email: *

Verification: *

Refer to the exhibit.

What is the potential threat identified in this Stealthwatch dashboard?

• A.Host 10.201.3.149 is sending data to 152.46.6.91 using TCP/443.
• B.Traffic to 152.46.6.149 is being denied by an Advanced Network Control policy.
• C.Host 152.46.6.91 is being identified as a watchlist country for data transfer.
• D.Host 10.201.3.149 is receiving almost 19 times more data than is being sent to host 152.46.6.91.

Comment: *

Name: *

Email: *

Verification: *

Refer to the exhibit.

This request was sent to a web application server driven by a database. Which type of web server attack is represented?

• A.command injection
• B.blind SQL injection
• C.heap memory corruption
• D.parameter manipulation

Comment: *

Name: *

Email: *

Verification: *

Drag and drop the security concept on the left onto the example of that concept on the right.

Correct Answer:

Comment: *

Name: *

Email: *

Verification: *