What does cyber attribution identify in an investigation?

• A.cause of an attack
• B.exploit of an attack
• C.vulnerabilities exploited
• D.threat actors of an attack

Comment: *

Name: *

Email: *

Verification: *

An engineer needs to have visibility on TCP bandwidth usage, response time, and latency, combined with deep packet inspection to identify unknown software by its network traffic flow. Which two features of Cisco Application Visibility and Control should the engineer use to accomplish this goal? (Choose two.)

• A.traffic filtering
• B.management and reporting
• C.adaptive AVC
• D.metrics collection and exporting
• E.application recognition

Comment: *

Name: *

Email: *

Verification: *

What should a security analyst consider when comparing inline traffic interrogation with traffic tapping to determine which approach to use in the network?

• A.Inline interrogation detects malicious traffic but does not block the traffic
• B.Tapping interrogation replicates signals to a separate port for analyzing traffic
• C.Tapping interrogations detect and block malicious traffic
• D.Inline interrogation enables viewing a copy of traffic to ensure traffic is in compliance with security policies

Comment: *

Name: *

Email: *

Verification: *

Drag and drop the definition from the left onto the phase on the right to classify intrusion events according to the Cyber Kill Chain model.

Correct Answer:

Explanation
Delivery: This step involves transmitting the weapon to the target.
Weaponization: In this step, the intruder creates a malware weapon like a virus, worm or such in order to exploit the vulnerabilities of the target. Depending on the target and the purpose of the attacker, this malware can exploit new, undetected vulnerabilities (also known as the zero-day exploits) or it can focus on a combination of different vulnerabilities.
Reconnaissance: In this step, the attacker / intruder chooses their target. Then they conduct an in-depth research on this target to identify its vulnerabilities that can be exploited.

Comment: *

Name: *

Email: *

Verification: *

What is the difference between a threat and a risk?

• A.Threat represents a potential danger that could take advantage of a weakness in a system
• B.Risk represents the known and identified loss or danger in the system
• C.Risk represents the nonintentional interaction with uncertainty in the system
• D.Threat represents a state of being exposed to an attack or a compromise, either physically or logically.

Comment: *

Name: *

Email: *

Verification: *