Question 1

Which tool provides a full packet capture from network traffic?

Options :

A : Nagios

B : CAINE

C : Hydra

D : Wireshark

Answer: D

Question 2

Which utility blocks a host portscan?

Options :

A : HIDS

B : sandboxing

C : host-based firewall

D : antimalware

Answer: C

Question 3

Which artifact is used to uniquely identify a detected file?

Options :

A : file timestamp

B : file extension

C : file size

D : file hash

Answer: D

Question 4

Refer to the exhibit.

Which kind of attack method is depicted in this string?

Options :

A : cross-site scripting

B : man-in-the-middle

C : SQL injection

D : denial of service

Answer: A

Question 5

Why is encryption challenging to security monitoring?

Options :

A : Encryption analysis is used by attackers to monitor VPN tunnels.

B : Encryption is used by threat actors as a method of evasion and obfuscation.

C : Encryption introduces additional processing requirements by the CPU.

D : Encryption introduces larger packet sizes to analyze and store.

Answer: B