Jason, a SOC Analyst with Maximus Tech, was investigating Cisco ASA Firewall logs and came across the following log entry:
May 06 2018 21:27:27 asa 1: %ASA-5-11008: User 'enable_15' executed the 'configure term' command
What does the security level in the above log indicate?
Correct Answer: A
Jane, a security analyst, while analyzing IDS logs, detected an event matching Regex /((<)|<)((i)|i|(I))((m)|m|(M))((g)|g|(G))[^n]+((>)|>)/|.
What does this event log indicate?
Correct Answer: C
Mike is an incident handler for PNP Infosystems Inc. One day, a ticket was raised regarding a critical incident, and Mike was assigned to handle it. At one stage of the incident handling process, he performed incident analysis and validation to check whether the incident was a true incident or a false positive.
Identify the stage he is currently in.
Correct Answer: B
Which of the following attacks inundates DHCP servers with fake DHCP requests to exhaust all available IP addresses?
Correct Answer: A
Which of the following are the responsibilities of SIEM Agents?
* 1. Collecting data received from various devices sending data to SIEM before forwarding it to the central engine.
* 2. Normalizing data received from various devices sending data to SIEM before forwarding it to the central engine.
* 3. Correlating data received from various devices sending data to SIEM before forwarding it to the central engine.
* 4. Visualizing data received from various devices sending data to SIEM before forwarding it to the central engine.
Correct Answer: C