Which data can be obtained using NetFlow? A. session data B. application logs C. network downtime D. report full packet capture

Which event occurs when a signature-based IDS encounters network traffic that triggers an alert? A. connection event B. endpoint event C. NetFlow event D. intrusion event

Which evasion method involves performing actions slower than normal to prevent detection? A. traffic fragmentation B. tunneling C. timing attack D. resource exhaustion

Which option is an advantage to using network-based anti-virus versus host-based anti- virus? A. Network-based has the ability to protect unmanaged devices and unsupported operating systems. B. There are no advantages compared to host-based antivirus. C. Host-based antivirus does not…

Which definition of vulnerability is true? A. an exploitable unpatched and unmitigated weakness in software B. an incompatible piece of software C. software that does not have the most current patch applied D. software that was not approved for installation

Which definition of a daemon on Linux is true? A. error check right after the call to fork a process B. new process created by duplicating the calling process C. program that runs unobtrusively in the background D. set of…

Which protocol is expected to have NTP a user agent, host, and referrer headers in a packet capture? A. NTP B. HTTP C. DNS D. SSH

Which hashing algorithm is the least secure? A. MD5 B. RC4 C. SHA-3 D. SHA-2

Which definition of permissions in Linux is true? A. rules that allow network traffic to go in and out B. table maintenance program C. written affidavit that you have to sign before using the system D. attributes of ownership and…

Which definition of a process in Windows is true? A. running program B. unit of execution that must be manually scheduled by the application C. database that stores low-level settings for the OS and for certain applications D. basic unit…