Exam 2: Analyzing Network Reconnaissance

Match the command switch used with nmap to generate on of the output types -Output in Extensible Markup Language

Jonquil, a cybersecurityanalyst, has been asked to implement a system that collects information for analysis about traffic flowing through the routers and switches on her company's network. Which of the following protocols should she considerto implement this type of setup?

Morena wants to use Wireshark to analyze the types of traffic being sent across her company's network. Which of the following types of analysis does she want to perform?

A cybersecurity analyst is researching syslog for possible implementation at his organization. He is reading about the elements that syslog messages contain and sees the priority and header fields. Which of the following fields contains the contents of the messages?

Umberto works for an organization that has created a policy prohibiting the use of open source software unless there is no alternative. He wants to sniff packets on the network, but most of the sniffer applications are open source. Which of the following software packages would adhere to the company's policy?

Nichole, a cybersecurity analyst, has received an alert about a potential ping flood on one of the company's Windows servers. She is able to connect to the server via an out-of-band management network. Which of the following native tools might help her verify what is occurring on the server at the moment?

Cyndi, a cybersecurity researcher, has been hired to comb through historical data at a large organization after an APT was discovered. She needs to determine the extent of the attack and be able to view various parts of the network's logs to give her the full context of what occurred. Which of the following might best describe the type of analysis she is performing?

Jorge is analyzing the event logs on a server and sees that someone attempted to log into a user account twice with the incorrect password before logging in successfully. In which of the following general types of logs were these events most likely captured?

Match the command switch used with nmap to generate on of the output types -Interactive output stored in a file

Match the command switch used with nmap to generate on of the output types -Output that can be manipulated using Linux command-line tools

Match the command switch used with nmap to generate on of the output types -Interactive

A threat actor has gone to a local coffee shop and opened a program that can analyze traffic being sent and received on the network. He finds that someone on the network is sending emails using SMTP without encryption, and he can see the contents of the emails. Which of the following programs is he most likely using?

Thierry wants to implement a method of analyzing network traffic to detect attacks by using a database of known attacks for comparison. Which of the following methods of analysis meets his goal?

Talera believes an evil twin might be planted somewhere around her company's office. Which of the following is the best method of finding where it might be located?

Tina wants to determine the fault toleranceof the servers in her data center, and is reviewing the previous 24 months of logs using an analysis tool. Which of the following types of analysis is Tina most likely performing?

Ian, a cybersecurity analyst, wants to use a system to identify when employees are using Telnet on the network by examining only the headers of packets as they traverse the network. Which of the following might he decide to implement to meet this goal?

Neo wants to consolidate real-time monitoring and management of security-related information with analysis and reporting of events. Which of the following might he want to implement?