Untitled Quiz
- 1.
- Which of the following windows features is used to enable security auditing in windows?
- A.
Local Group Policy Editor
- B.
Windows Firewall
- C.
Windows Defender
- D.
Bitlocker
Correct Answer
A. Local Group Policy Editor - 2.
What is the process of monitoring and capturing all data packets passing through a given network using different tools?
- A.
Network scanning
- B.
Port scanning
- C.
Network Sniffing
- D.
DNS Footprinting
Correct Answer
C. Network Sniffing -
- 3.
Which of the following attack can be eradicated by using a safe API to avoid the use of the interpreter entirely?
- A.
LDAP Injection Attacks
- B.
File Injection Attacks
- C.
Command Injection Attack
- D.
SQL Injection Attacks
Correct Answer
C. Command Injection Attack -
- 4.
Ray is SOC analyst in a company named Queens Tech. One day, Qeens Tech is afftected by a DoS/DDoS attack. For the containment of this incident, Ray and his team are trying to provide additional bandwidth to the network devices and increasing the capacity of the servers. What is Ray and his team doing?
- A.
Blocking the Attacks
- B.
Diverting Traffic
- C.
Absorbing the attack
- D.
Degrading Services
Correct Answer
C. Absorbing the attack -
- 5.
Robin, a SOC engineer in a multinational company, is planning to implement a SIEM. He realized that his organization is capable of performing only correlation, Analysis, Reporting, Retention, Alerting, and Visualization required for the SIEM implementation and has to take collection and aggregation services from a managed security services Provider (MSSP). What kind of SIEM is Robin planning to implement?
- A.
Self-hosted, self-managed
- B.
Self-hosted, MSSP managed
- C.
Cloud Self Managed
- D.
Hybrid Model, jointly Managed
Correct Answer
C. Cloud Self Managed -
- 6.
Which of the following windows Event ID will help you monitors file sharing across the network?
- A.
4624
- B.
7045
- C.
4625
- D.
5140
Correct Answer
D. 5140 -
- 7.
What does HTTPS status code 403 represents?
- A.
Forbidden Error
- B.
Internal Server Error
- C.
Not Found Error
- D.
Unauthorized Error
Correct Answer
A. Forbidden Error -
- 8.
Peter, a SOC analyst with Spade Systems, is monitoring and analyzing the router logs of the company and wanted to check the logs that are generated by access control list numbered 210. What filter should peter add to the ‘show logging’ command to get the required output?
- A.
Show logging | route 210
- B.
Show logging | include 210
- C.
Show logging | access 210
- D.
Show logging | forward 210
Correct Answer
B. Show logging | include 210 -
- 9.
According to the Risk Matrix table, what will be the risk level when the probability of an attack is very low and the impact of that attack is major.
- A.
Low
- B.
High
- C.
Extreme
- D.
Medium
Correct Answer
D. Medium -
- 10.
The threat intelligence, which will help you, understand adversary intent and make informed decision to ensure appropriate security in alignment with risk. What kind of threat intelligence described above?
- A.
Functional Threat Intelligence
- B.
Strategic Threat Intelligence
- C.
Operational Threat Intelligence
- D.
Tactical Threat Intelligence
Correct Answer
B. Strategic Threat Intelligence -
- 11.
An attacker, in an attempt to exploit the vulnerability in the dynamically generated welcome page, inserted code at the end of the company’s URL as follows: http://technosoft.com.com/<script>alert (“WARNING: the application has encountered an error”); <script>. Identify the attack demonstrated in the above scenario.
- A.
Cross-site Scripting Attack
- B.
Denial-of-Service Attack
- C.
Session Attack
- D.
SQL Injection Attack
Correct Answer
A. Cross-site Scripting Attack -
- 12.
Emmanuel is working as a SOC analyst in a company named Tobey Tech. The manager of Tobey Tech recently recruited an Incident Response Team (IRT) for his company. In the process of collaboration with the IRT, Emmanuel just escalated an incident to the IRT. What is the first step that the IRT will do to the indent escalated by Emmanuel?
- A.
Incident Prioritization
- B.
Incident Analysis and validation
- C.
Incident Recording
- D.
Incident Classification
Correct Answer
B. Incident Analysis and validation -
- 13.
An organization wants to implement a SIEM deployment architecture. However, they have the capability to do only log collection and the rest of the SIEM functions must be managed by an MSSP. Which SIEM deployment architecture will the organization adopt?
- A.
Self-hosted, self-managed
- B.
Self-hosted, MSSP managed
- C.
Cloud, MSSP-managed
- D.
Self-hosted, jointly Managed
Correct Answer
B. Self-hosted, MSSP managed -
- 14.
Which of the following technique protects from flooding attacks originated from the valid prefixes (IP addresses) so that they can be traced to its true source?
- A.
Egress Filtering
- B.
Throttling
- C.
Ingress Filtering
- D.
Rate Limiting
Correct Answer
C. Ingress Filtering -
- 15.
Which of the following command is used to view iptables logs on Ubuntu and debian distributions?
- A.
$tailf /var/log/sys/kern.log
- B.
$tailf /var/log/kern.log
- C.
#tailf /var/log/sys/messages
- D.
#tailf /var/log/messages
Correct Answer
B. $tailf /var/log/kern.log -
Quiz Review Timeline +
Our quizzes are rigorously reviewed, monitored and continuously updated by our expert board to maintain accuracy, relevance, and timeliness.
-
Current Version
-
May 05, 2024Quiz Edited by
ProProfs Editorial Team -
May 05, 2024Quiz Created by
Engr. Md.
Back to top