Which step in the incident response process researches an attacking host through logs in a SIEM?

• A.detection and analysis
• B.preparation
• C.eradication
• D.containment

Comment: *

Name: *

Email: *

Verification: *

What is the difference between a threat and a risk?

• A.Threat represents a potential danger that could take advantage of a weakness in a system
• B.Risk represents the known and identified loss or danger in the system
• C.Risk represents the nonintentional interaction with uncertainty in the system
• D.Threat represents a state of being exposed to an attack or a compromise, either physically or logically.

Comment: *

Name: *

Email: *

Verification: *

Drag and drop the data source from the left onto the data type on the right.

Correct Answer:

Comment: *

Name: *

Email: *

Verification: *

Refer to the exhibit.

Which technology generates this log?

• A.NetFlow
• B.firewall
• C.web proxy
• D.IDS

Comment: *

Name: *

Email: *

Verification: *

Refer to the exhibit. Which two elements in the table are parts of the 5-tuple? (Choose two.)

• A.First Packet
• B.Source Port
• C.Ingress Security Zone
• D.Initiator IP
• E.Initiator User

Comment: *

Name: *

Email: *

Verification: *