Question 111

An analyst is preparing for a technical security compliance check on all Apache servers. Which of the following will be the BEST to use?
  • Question 112

    A security analyst is trying to track physical locations of threat actors via SIEM log information. However, correlating IP addresses with geolocation is taking a long time, so the analyst asks a security engineer to add geolocation to the SIEM tool. This is an example of using:
  • Question 113

    A development team has asked users to conduct testing to ensure an application meets the needs of the business. Which of the following types of testing does this describe?
  • Question 114

    Which of the following sets of attributes BEST illustrates the characteristics of an insider threat from a security perspective?
  • Question 115

    A security analyst receives an alert from the SIEM about a possible attack happening on the network. The analyst opens the alert and sees the IP address of the suspected server as 192.168.54.66, which is part of the network 192.168.54.0/24. The analyst then pulls all the command history logs from that server and sees the following:

    Which of the following activities is MOST likely happening on the server?