Refer to the exhibit.

What is depicted in the exhibit?

• A.IIS logs
• B.UNIX-based syslog
• C.Apache logs
• D.Windows Event logs

Comment: *

Name: *

Email: *

Verification: *

Which type of evidence supports a theory or an assumption that results from initial evidence?

• A.probabilistic
• B.indirect
• C.best
• D.corroborative

Comment: *

Name: *

Email: *

Verification: *

Which two elements of the incident response process are stated in NIST Special Publication 800-61 r2?
(Choose two.)

• A.risk assessment
• B.detection and analysis
• C.vulnerability management
• D.post-incident activity
• E.vulnerability scoring

Comment: *

Name: *

Email: *

Verification: *

A security analyst notices a sudden surge of incoming traffic and detects unknown packets from unknown senders After further investigation, the analyst learns that customers claim that they cannot access company servers According to NIST SP800-61, in which phase of the incident response process is the analyst?

• A.preparation
• B.post-incident activity
• C.containment, eradication, and recovery
• D.detection and analysis

Comment: *

Name: *

Email: *

Verification: *

A user received a malicious attachment but did not run it.
Which category classifies the intrusion?

• A.weaponization
• B.reconnaissance
• C.installation
• D.delivery

Comment: *

Name: *

Email: *

Verification: *