Question 6 of 462

One of the objectives of information security is to protect the CIA of information and systems.

What does CIA mean in this context?

Answer

Suggested Answer

The suggested answer is D.

In the context of information security, CIA stands for confidentiality, integrity, and availability. These three components form the core principles of the CIA triad. Confidentiality ensures that sensitive information is accessed only by authorized individuals. Integrity assures that the data is accurate and has not been tampered with. Availability means that the information is accessible to authorized users whenever needed. This triad is fundamental to maintaining the security and functionality of information systems.

Community Votes5 votes
DSuggested
100%
Question 7 of 462

What is rule-based detection when compared to statistical detection?

Answer

Suggested Answer

The suggested answer is C.

Rule-based detection relies on predefined rules and patterns to identify specific actions or behaviors, whereas statistical detection involves analyzing data to determine the probability or likelihood of an action being a security threat. Therefore, the primary difference is that rule-based detection does not focus on the likelihood of an action, it simply matches actions to a set of predefined rules. Statistical detection, on the other hand, assesses the likelihood of an action occurring based on statistical analysis. Hence, the correct answer emphasizes the likelihood of a user's action.

Community Votes5 votes
BMost voted
100%
Question 8 of 462

An engineer configured regular expression ".*\.([Dd][Oo][Cc]|[Xx][LI][Ss]|[Pp][Pp][Tt]) HTTP/1.[01]" on Cisco ASA firewall. What does this regular expression do?

Answer

Suggested Answer

The suggested answer is C.

The regular expression ".*\.([Dd][Oo][Cc]|[Xx][LI][Ss]|[Pp][Pp][Tt]) HTTP/1.[01]" captures Word (.doc, .DOC), Excel (.xls, .XLS), and PowerPoint (.ppt, .PPT) file extensions. The regex considers different cases (uppercase and lowercase) for these file extensions and matches them in both HTTP versions 1.0 and 1.1.

Community Votes11 votes
CSuggested
73%
A
27%
Question 9 of 462

Which process is used when IPS events are removed to improve data integrity?

Answer

Suggested Answer

The suggested answer is B.

Data normalization is the process of organizing data to reduce redundancy and improve data integrity by ensuring that each piece of data is stored in a consistent and standardized manner. In the context of IPS (Intrusion Prevention System) events, normalization involves removing duplicate or inconsistent data, which helps maintain the accuracy and reliability of the data. This process ensures that the data can be easily analyzed and used effectively for security and forensic purposes.

Community Votes6 votes
BSuggested
100%
Question 10 of 462

An analyst is investigating an incident in a SOC environment.

Which method is used to identify a session from a group of logs?

Answer

Suggested Answer

The suggested answer is C.

The most effective way to identify a session from a group of logs in a SOC (Security Operations Center) environment is by using the 5-tuple. The 5-tuple is a combination of the source IP address, source port, destination IP address, destination port, and the transport protocol. These five components together uniquely identify a network session, allowing an analyst to accurately isolate and investigate specific sessions within the log data.

Community Votes7 votes
CSuggested
100%