Question 1

Why is encryption challenging to security monitoring?

Options :

A : Encryption analysis is used by attackers to monitor VPN tunnels.

B : Encryption is used by threat actors as a method of evasion and obfuscation.

C : Encryption introduces additional processing requirements by the CPU.

D : Encryption introduces larger packet sizes to analyze and store.

Answer: B

Question 2

Which security technology allows only a set of pre-approved applications to run on a system?

Options :

A : application-level blacklisting

B : host-based IPS

C : application-level whitelisting

D : antivirus

Answer: C

Question 3

At which layer is deep packet inspection investigated on a firewall?

Options :

A : internet

B : transport

C : application

D : data link

Answer: C

Question 4

Refer to the exhibit.

Which kind of attack method is depicted in this string?

Options :

A : cross-site scripting

B : man-in-the-middle

C : SQL injection

D : denial of service

Answer: A

Question 5

What causes events on a Windows system to show Event Code 4625 in the log messages?

Options :

A : The system detected an XSS attack

B : Someone is trying a brute force attack on the network

C : Another device is gaining root access to the system

D : A privileged user successfully logged into the system

Answer: B