Deck 9: Reacting to a Cyber Incident: Analyzing Common Symptoms
1
_______________ occurs when infected devices attempt to contact a threat actor's external command and control (C&C) server.
Beaconing
2
What is a sudden, unusual surge in network bandwidth use called?
A) Spike
B) Bolus
C) Peak
D) Apogee
A
3
What is a named pipe?
A logical connection (like a TCP session) between a client and server that use Server Message Block.
4
Which of the following is not a network symptom of an attack?
A) Stealth transmissions
B) Memory overflows
C) Scan sweeps
D) Unauthorized network devices
5
What is the term for thousands of bot computers that are gathered into a logical computer network?
A) Botstorm
B) Botnique
C) Bot herd
D) Botnet
6
Name a tool that can be used to determine if a cyber incident is taxing a processor's resources.
7
Attackers have no reliable way to take advantage of a processor with multiple cores.
8
What is the act of changing operating system settings or exploiting a software vulnerability to access resources that users normally would be restricted from accessing?
9
What kind of attack occurs when a process attempts to store data in RAM beyond the boundaries of a fixed-length storage buffer?
A) Source overflow
B) Integer overflow
C) Buffer overflow
D) Address overflow
10
In the context of cybersecurity, DLP is an abbreviation for which of the following?
A) data log propagation
B) data loss prevention
C) digital loss prevention
D) digital limit processing