SECFND 13: Security Data Collection

Question 1

Transaction Data

Answer 1

Operations that occur during network sessions

Question 2

Epoch time

Answer 2

of seconds since 1/1/70

Question 3

TCP_Hit (Proxy)

Answer 3

Cached in proxy

Question 4

HTTP 200 Series

Answer 4

Successful

Question 5

HTTP 300 Series

Answer 5

Redirected

Question 6

HTTP 400 Series

Answer 6

Client side errors (403 forbidden, 401 Unauthorized)

Question 7

HTTP 400 Series

Answer 7

Server side errors

Question 8

HTTP Get

Answer 8

Retrieval and simple searches

Question 9

HTTP Post

Answer 9

Submit Data-query

Question 10

HTTP Put

Answer 10

Upload files

Question 11

HTTP Head

Answer 11

Retrieve Metadata

Question 12

HTTP Delete

Answer 12

Remove resource

Question 13

HTTP Trace

Answer 13

Application layer trace of route

Question 14

HTTP Option

Answer 14

Request available methods

Question 15

HTTP Connect

Answer 15

Tunnel SSL Connection

Question 16

HTTP Propfind

Answer 16

Retrieve properties of an object

Question 17

IPFIX

Answer 17

Latest version of netflow

Question 18

A flow

Answer 18

unidirectional series of packets between a source and a destination. 5 tuple is constant in a flow

Question 19

Flow stitching

Answer 19

Combines unidirectional flow records into once record

Question 20

NAT Stitching

Answer 20

Combine internal and external NAT info into one record

Question 21

Netflow provides…

Answer 21

An audit trail