Network traffic and logs using IDS and SIEM tools Flashcards

1
Q

Anomaly-based analysis:

A

A detection method that identifies abnormal behavior

2
Q

Array:

A

A data type that stores data in a comma-separated ordered list

3
Q

Common Event Format (CEF):

A

A log format that uses key-value pairs to structure data and identify fields and their corresponding values

4
Q

Configuration file:

A

A file used to configure the settings of an application

5
Q

Endpoint:

A

Any device connected to a network

6
Q

Intrusion detection systems (IDS):

A

An application that monitors system activity and alerts on possible intrusions

7
Q

Endpoint detection and response (EDR):

A

An application that monitors an endpoint for malicious activity

8
Q

False positive:

A

An alert that incorrectly detects the presence of a threat

9
Q

Host-based intrusion detection system (HIDS):

A

An application that monitors the activity of the host on which it’s installed

10
Q

Log:

A

A record of events that occur within an organization’s systems

11
Q

Key-value pair:

A

A set of data that represents two linked items: a key, and its corresponding value

12
Q

Logging:

A

The recording of events occurring on computer systems and networks

13
Q

Log analysis:

A

The process of examining logs to identify events of interest

14
Q

Log management:

A

The process of collecting, storing, analyzing, and disposing of log data

15
Q

Network-based intrusion detection system (NIDS):

A

An application that collects and monitors network traffic and network data

16
Q

Security information and event management (SIEM):

A

An application that collects and analyzes log data to monitor critical activities in an organization

17
Q

Search Processing Language (SPL):

A

Splunk’s query language

18
Q

Object:

A

A data type that stores data in a comma-separated list of key-value pairs

19
Q

Signature:

A

A pattern that is associated with malicious activity

20
Q

Signature analysis:

A

A detection method used to find events of interest

21
Q

Suricata:

A

An open-source intrusion detection system, intrusion prevention system, and network analysis tool

22
Q

Telemetry:

A

The collection and transmission of data for analysis

23
Q

Wildcard:

A

A special character that can be substituted with any other character

24
Q

YARA-L:

A

A computer language used to create rules for searching through ingested log data

25
Q

Zero-day:

A

An exploit that was previously unknown