A security specialist notices 100 HTTP GET and POST requests for multiple pages on the web servers. The agent in the requests contains PHP code that, if executed, creates and writes to a new PHP file on the webserver. Which event category is described?
Question 32
What specific type of analysis is assigning values to the scenario to see expected outcomes?
Question 33
When trying to evade IDS/IPS devices, which mechanism allows the user to make the data incomprehensible without a specific key, certificate, or password?
Question 34
Why is encryption challenging to security monitoring?
Question 35
An employee reports that someone has logged into their system and made unapproved changes, files are out of order, and several documents have been placed in the recycle bin. The security specialist reviewed the system logs, found nothing suspicious, and was not able to determine what occurred. The software is up to date; there are no alerts from antivirus and no failed login attempts. What is causing the lack of data visibility needed to detect the attack?
Question 36
A company receptionist received a threatening call referencing stealing assets and did not take any action assuming it was a social engineering attempt. Within 48 hours, multiple assets were breached, affecting the confidentiality of sensitive information. What is the threat actor in this incident?
Question 37
What is the relationship between a vulnerability and a threat?
Question 38
What is the principle of defense-in-depth?
Question 39
DRAG DROP - Drag and drop the uses on the left onto the type of security system on the right. Select and Place:
Question 40
What is the difference between the rule-based detection when compared to behavioral detection?