Module 4-01 Challenge Flashcards
Which of the following statements correctly describe logs? Select all that apply.
- A log is used as a formal guide to incident response.
- A business might log each time an employee signs into their computer.
- Security professionals use logs to visualize data.
- A log is a record of events that occur within an organization’s systems.
- Logs help identify vulnerabilities and potential security breaches.
- A business might log errors that occurred as a result of high network traffic.
- Security professionals use logs to query databases.
- A business might log each time an employee signs into their computer.
- A log is a record of events that occur within an organization’s systems.
- Logs help identify vulnerabilities and potential security breaches.
- A business might log errors that occurred as a result of high network traffic.
Which of the following tasks can be performed using SIEM tools? Select all that apply.
- Implementing security software programs
- Monitoring critical activities
- Analyzing filtered events and patterns
- Saving time by reducing the amount of data to be reviewed
- Providing alerts for specific types of risks and threats
- Helping security analysts identify potential breaches
- Collecting and analyzing data
- Requesting security data from government agencies
- Monitoring critical activities
- Analyzing filtered events and patterns
- Saving time by reducing the amount of data to be reviewed
- Providing alerts for specific types of risks and threats
- Helping security analysts identify potential breaches
- Collecting and analyzing data
A cybersecurity analyst is tasked with proactively searching for threats and performing incident analysis. What type of tool should they use?
- Chain of custody playbook
- Security information and event management (SIEM)
- Linux operating system
- Structured Query Language (SQL)
Security information and event management (SIEM)
Security professionals use _____ to help them manage a security incident before, during, and after it has occurred.
- programming
- charts
- spreadsheets
- playbooks
playbooks
As a security analyst, you are monitoring network traffic to ensure that SPII data is not being accessed by unauthorized users. What does this scenario describe?
- Using a network protocol analyzer (packet sniffer)
- Programming with code
- Calculating with formulas
- Gathering data in a spreadsheet
Using a network protocol analyzer (packet sniffer)
What are some key benefits of programming languages? Select all that apply.
- To provide details about any operational action
- Can be used to create a specific set of instructions for a computer to execute tasks
- Execute repetitive processes very accurately
- Complete repetitive tasks with a high degree of efficiency
- They filter through data points faster than humans can working manually.
- Can be used to create a specific set of instructions for a computer to execute tasks
- Execute repetitive processes very accurately
- Complete repetitive tasks with a high degree of efficiency
- They filter through data points faster than humans can working manually.
A security team wants to examine logs to understand what is occurring within their systems. Why might they choose Linux to perform this task? Select two answers.
- It is open source.
- It is an efficient programming language.
- It is proprietary.
- It allows for text-based commands by users.
- It is open source.
- It allows for text-based commands by users.
To request information from a _____, security professionals can use SQL.
- database
- dashboard
- spreadsheet
- network
database
What are some key benefits of using Python to perform security tasks? Select all that apply.
- It makes static data more dynamic.
- It helps security professionals be more accurate.
- It simplifies repetitive tasks.
- It is designed for high levels of accuracy.
- It saves time.
- It helps security professionals be more accurate.
- It simplifies repetitive tasks.
- It is designed for high levels of accuracy.
- It saves time.
A security team uses a _____ to help them document organizational processes from beginning to end.
- toolkit
- graph
- playbook
- legend
playbook
As a security analyst, you are monitoring network traffic and detect a large number of failed login attempts. Which of the following tools would help you investigate this incident? Select two answers.
- Antivirus software
- A cryptographic encoder
- An intrusion detection system (IDS)
- A network protocol analyzer (packet sniffer)
- An intrusion detection system (IDS)
- A network protocol analyzer (packet sniffer)
What term is used to describe publicly available systems, such as Linux?
- Restricted
- Open-source
- Unregulated
- Free-for-all
Open-source
Security professionals can use _____ to interact with and request information from a database.
- SQL
- logs
- playbooks
- network protocol analyzers (packet sniffers)
SQL