  • Question 131

    A company's IDP/DLP solution triggered the following alerts:

    Which of the following alerts should a security analyst investigate FIRST?
  • Question 132

    A company discovers an unauthorized device accessing network resources through one of many network drops in a common area used by visitors.
    The company decides that it wants to quickly prevent unauthorized devices from accessing the network, but policy prevents the company from making changes on every connecting client.
    Which of the following should the company implement?
  • Question 133

    A security administrator needs to create an IDS rule to alert on FTP login attempts by root. Which of the following rules is the BEST solution?
  • Question 134

    File integrity monitoring states the following files have been changed without a written request or approved change.
    The following change has been made:
    chmod 777 -Rv /usr
    Which of the following may be occurring?
  • Question 135

    An incident response plan requires systems that contain critical data to be triaged first in the event of a compromise. Which of the following types of data would most likely be classified as critical?