SOC Concepts Flashcards

1
Q

What are the four steps in the NIST SP 800-61r2 framework?

A

Preparation; Detection & analysis; Containment, Eradication, Recovery; Post-incident Activity

2
Q

What are the 3 types of NIDS?

A

Inline, Network Tap, Passive

3
Q

What is the difference between NIDS and HIDS?

A

NIDS is network security that monitors traffic in networks. HIDS is endpoint (host) security that monitors individual devices.

4
Q

What are the 7 layers in the OSI Model?

A

Application, Presentation, Session, Transport, Network, Data Link, Physical.

5
Q

What is the Application layer?

A

End User Layer. It is in charge of providing an interface for the user to interact, communicate, and give commands to the computer.

6
Q

What is the Presentation Layer?

A

Syntax layer. It is the translator between the machine and the user. This layer is also responsible for encryption and decryption.

7
Q

What is the Session Layer?

A

Synch and send to port. The session layer is responsible for managing sessions between machines to enable communication between them.

8
Q

What is the Transport Layer?

A

End-to-end connections. The transport layer is responsible for the transparent transfer of data between two computers.

9
Q

What is the Network layer?

A

Packets. The network layer is responsible for redirecting the connection and transferring the data between two different networks by physical means, in search of the best path that allows this data to reach its destination in the shortest time possible.

10
Q

What is the Data Link layer?

A

Frames. This layer is in charge of the addressing and physical transmission of the data, carrying out its encapsulation and separating it into frames that will be easily directed by the physical transfer media.

11
Q

What is the Physical layer?

A

Physical structure. It is responsible for the topology and the global connections from the computer to the network that allow the transmission and the physical operation of the system.

12
Q

What protocol is on Ports 20 and 21?

A

File Transfer Protocol (FTP)

13
Q

What protocol is on Port 22?

A

Secure Shell (SSH)

14
Q

What protocol is on Port 23?

A

Telnet

15
Q

What protocol is on Port 25?

A

Simple Mail Transfer Protocol (SMTP)

16
Q

What protocol is on Port 53?

A

Domain Name System (DNS)

17
Q

What protocol is on Ports 67 and 68?

A

Dynamic Host Configuration Protocol (DHCP)

18
Q

What protocol is on Port 80?

A

Hypertext Transfer Protocol (HTTP)

19
Q

What protocol is on Port 443?

A

Hypertext Transfer Protocol Secure (HTTPS)

20
Q

What protocol is on Port 514?

A

Syslog (UDP)