Question 1

Refer to the exhibit.

What is the potential threat identified in this Stealthwatch dashboard?

Options :

A : A policy violation is active for host 10.10.101.24.

B : A host on the network is sending a DDoS attack to another inside host.

C : There are two active data exfiltration alerts.

D : A policy violation is active for host 10.201.3.149.

Answer: C

Question 2

What causes events on a Windows system to show Event Code 4625 in the log messages?

Options :

A : The system detected an XSS attack

B : Someone is trying a brute force attack on the network

C : Another device is gaining root access to the system

D : A privileged user successfully logged into the system

Answer: B

Question 3

What describes a buffer overflow attack?

Options :

A : injecting new commands into existing buffers

B : fetching data from memory buffer registers

C : overloading a predefined amount of memory

D : suppressing the buffers in a process

Answer: C

Question 4

What is the difference between statistical detection and rule-based detection models?

Options :

A : Rule-based detection involves the collection of data in relation to the behavior of legitimate users over a period of time

B : Statistical detection defines legitimate data of users over a period of time and rule-based detection defines it on an IF/THEN basis

C : Statistical detection involves the evaluation of an object on its intended actions before it executes that behavior

D : Rule-based detection defines legitimate data of users over a period of time and statistical detection defines it on an IF/THEN basis

Answer: B

Question 5

Refer to the exhibit.

A company's user HTTP connection to a malicious site was blocked according to configured policy. What is the source technology used for this measure?

Options :

A : network application control

B : firewall

C : IPS

D : web proxy

Answer: C