  • Question 36

    A SIEM analyst receives an alert containing the following URL:

    Which of the following BEST describes the attack?
  • Question 37

    NOTE: Question IP must be 192.168.192.123
    During a network reconnaissance engagement, a penetration tester was given perimeter firewall ACLs to accelerate the scanning process. The penetration tester has decided to concentrate on attempting a brute-force login to destination IP address 192.168.192.132 via secure shell.

    Given a source IP address of 10.10.10.30, which of the following ACLs will permit this access?
  • Question 38

    A security analyst is reviewing IDS logs and notices the following entry:

    Which of the following attacks is occurring?
  • Question 39

    A security analyst scanned an internal company subnet and discovered a host with the following Nmap output.

    Based on the output of this Nmap scan, which of the following should the analyst investigate FIRST?
  • Question 40

    The Chief Information Security Officer (CISO) has asked the security staff to identify a framework on which to base the security program. The CISO would like to achieve a certification showing the security program meets all required best practices. Which of the following would be the BEST choice?