An organization is implementing and deploying the SIEM with the following capabilities.

  • Post author:
  • Post category: Uncategorized
  • Post comments: 0 Comments
  • Post last modified: August 1, 2021
  • Reading time: 1 min read

An organization is implementing and deploying the SIEM with the following capabilities. What kind of SIEM deployment architecture is the organization planning to implement? Cloud, MSSP Managed Self-hosted, Jointly Managed Self-hosted, …

Juliea, a SOC analyst, while monitoring logs, noticed large TXT and NULL payloads. What does this indicate?

Juliea, a SOC analyst, while monitoring logs, noticed large TXT and NULL payloads. What does this indicate?

  • Concurrent VPN Connections Attempt
  • DNS Exfiltration Attempt
  • Covering Tracks Attempt
  • DHCP Starvation Attempt

Which of the following formulas is used to calculate the EPS of the organization?

Which of the following formulas is used to calculate the EPS of the organization?

  • EPS = average number of correlated events / time in seconds
  • EPS = number of normalized…

Which of the following techniques involves scanning the headers of IP packets leaving a network to make sure that unauthorized or malicious traffic never leaves the internal network?

Which of the following techniques involves scanning the headers of IP packets leaving a network to make sure that unauthorized or malicious traffic never leaves the internal network? Egress…

Which of the following commands is used to view iptables logs on Ubuntu and Debian distributions?

Which of the following commands is used to view iptables logs on Ubuntu and Debian distributions?

  • $ tailf /var/log/sys/kern.log
  • $ tailf /var/log/kern.log
  • # tailf /var/log/messages
  • # tailf /var/log/sys/messages

According to the Risk Matrix table, what will be the risk level when the probability of an attack is very low and the impact of that attack is major?

According to the Risk Matrix table, what will be the risk level when the probability of an attack is very low and the impact of that attack is major? High…

Where will you find the IP reputation database if you want to monitor traffic from IPs with a known bad reputation using OSSIM SIEM?

Where will you find the IP reputation database if you want to monitor traffic from IPs with a known bad reputation using OSSIM SIEM?

  • /etc/ossim/reputation
  • /etc/ossim/siem/server/reputation/data
  • /etc/siem/ossim/server/reputation.data
  • /etc/ossim/server/reputation.data

The Syslog message severity levels are labelled from level 0 to level 7. What does level 0 indicate?

The Syslog message severity levels are labelled from level 0 to level 7. What does level 0 indicate?

  • Alert
  • Notification
  • Emergency
  • Debugging

Which encoding replaces unusual ASCII characters with “%” followed by the character’s two-digit ASCII code expressed in hexadecimal?

Which encoding replaces unusual ASCII characters with "%" followed by the character's two-digit ASCII code expressed in hexadecimal?

  • Unicode Encoding
  • UTF Encoding
  • Base64 Encoding
  • URL Encoding