Refer to the exhibit. We have performed a malware detection on the Cisco website. Which statement about the result is true?
A. The website has been marked benign on all 68 checks.
B. The threat detection needs to run again.
C. The website has 68 open threats.
D. The website has been marked benign on 0 checks.
A CMS plugin creates two files that are accessible from the Internet: myplugin.html and exploitable.php. A newly discovered exploit takes advantage of an injection vulnerability in exploitable.php. To exploit the vulnerability, one must send an HTTP POST with specific variables to exploitable.php. You see traffic to your webserver that consists of only HTTP GET requests to myplugin.html. Which category best describes this activity?
A. weaponization
B. exploitation
C. installation
D. reconnaissance
Which of the following are not components of the 5-tuple of a flow in NetFlow? (Select all that apply.)
A. Source IP address
B. Flow record ID
C. Gateway
D. Source port
E. Destination port
Which of the following is typically a responsibility of a PSIRT?
A. Configure the organization's firewall
B. Monitor security logs
C. Investigate security incidents in a security operations center (SOC)
D. Disclose vulnerabilities in the organization's products and services
To which stage of the Cyber Kill Chain does attacking the vulnerability belong?
A. Exploitation
B. Reconnaissance
C. Weaponization
D. Delivery
E. Installation
F. Command and control (C2)
G. Actions on objectives
Which two useful pieces of information can be collected from the IPv4 protocol header? (Choose two.)
A. UDP port to which the traffic is destined
B. source IP address of the packet
C. UDP port from which the traffic is sourced
D. TCP port from which the traffic was sourced
E. destination IP address of the packet
What is the definition of integrity according to the CVSSv3 framework?
A. This metric measures the impact to the confidentiality of the information resources that are managed by a software component due to a successfully exploited vulnerability.
B. This metric measures the impact to integrity of a successfully exploited vulnerability. Integrity refers to the trustworthiness and veracity of information.
C. This metric measures the impact to the availability of the impacted component resulting from a successfully exploited vulnerability.
Which HTTP header field is usually used in forensics to identify the type of browser used?
A. User agent
B. Referrer
C. Host
D. Accept-language
Which concept is used to understand instances of the same cybersecurity event occurring over the course of a few weeks that could be linked together through multiple illustrations and then linked back to the same adversary?
A. threat model
B. intrusion threat intelligence model
C. compliance and intrusion model
D. diamond model of intrusion
Refer to the exhibit. Which information is interesting about the HTTP GET shown?
A. The User-Agent is Mozilla/4.0
B. The HTTP GET is encoded
C. timestamps
D. The protocol is TCP