Cyber security Operations exam Fundamentals 2023 with 100% correct answers
Which three technologies should be included in a security information and event management system in a SOC?
correct answers: Security monitoring. Intrusion prevention. Vulnerability tracking.

How is a source IP address used in a standard ACL?
correct answers: It is used to determine the default gateway of the router that has the ACL applied.

Two statements that describe access attacks
correct answers: Password attacks can be implemented by the use of brute-force attack methods, Trojan horses, or packet sniffers. Buffer overflow attacks write data beyond the allocated buffer memory to overwrite valid data or to exploit systems to execute malicious code.

Why is Diffie-Hellman algorithm typically avoided for encrypting data?
correct answers: The large numbers used by DH make it too slow for bulk data transfers.

Which metric class in the CVSS Basic Metric Group identifies the impacts on Confidentiality, Integrity and Availability?
correct answers: Impact.

How might DNS be used by a threat actor to create mayhem?
correct answers: Collects personal information and encodes the data in outgoing DNS queries.

Refer to the exhibit. A network security specialist issues the command tcpdump to capture events. What does the number 6337 indicate?
correct answers: The process ID of the tcpdump command.

What is the responsibility of the human resources department when handling a security incident?
correct answers: Apply disciplinary measures if an incident is caused by an employee.
Written for
- Institution
- Cyber security Operations Fundamentals
- Course
- Cyber security Operations Fundamentals
Document information
- Uploaded on
- 5 September 2023
- Number of pages
- 18
- Written in
- 2023/2024
- Type
- Exam (elaborations)
- Contains
- Questions and answers
Topics
- cyber security operations exam fundamentals