A security administrator is investigating a compromised host. Which of the following commands could the investigator use to display executing processes in real time?
To display executing processes in real time, the 'top' command is the appropriate choice. 'top' provides a dynamic, real-time view of system processes, including their CPU and memory usage. The 'ps' command, on the other hand, generates a static snapshot of processes at the moment of execution and does not update in real time. 'nice' is used to set the priority of a process, not to display processes. 'pstree' shows a tree of processes, but it is also a static representation. Therefore, to monitor processes as they happen, 'top' is the most suitable command.
A system administrator identifies unusual network traffic from outside the local network. Which of the following is the BEST method for mitigating the threat?
The best method for mitigating unusual network traffic from outside the local network is port blocking. By blocking unnecessary ports, potential threats can be prevented from accessing the network, thereby mitigating the threat effectively.
Which of the following technologies would reduce the risk of a successful SQL injection attack?
A web application firewall (WAF) is designed to monitor, filter, and block HTTP traffic to and from a web application. It can be configured to detect and prevent SQL injection attacks by identifying malicious patterns in the requests made to the web application, thereby reducing the risk of a successful SQL injection attack.
An incident responder has collected network capture logs in a text file, separated by five or more data fields. Which of the following is the BEST command to use if the responder would like to print the file (to terminal/screen) in numerical order?
The best command to use for printing the file in numerical order is 'sort -n'. The 'sort' command sorts lines of text within a file, and the '-n' option specifies a numerical sort, which is necessary for ordering numerical data correctly.
Which of the following characteristics of a web proxy strengthens cybersecurity? (Choose two.)
Filtering unwanted content strengthens cybersecurity by preventing access to malicious websites and the download of harmful materials. Limiting direct connection to the Internet adds a layer of security by inspecting and controlling traffic, reducing exposure to external threats.