Multiple Choice
Which piece of information is needed for attribution in an investigation?
A) proxy logs showing the source RFC 1918 IP addresses
B) RDP allowed from the Internet
C) known threat actor behavior
D) 802.1x RADIUS authentication pass arid fail logs
Correct Answer:
Verified
Correct Answer:
Verified
Q131: An engineer discovered a breach, identified the
Q132: What is an attack surface as compared
Q133: <img src="https://d2lvgg3v3hfg70.cloudfront.net/C1178/.jpg" alt=" Refer to the
Q134: Which NIST IR category stakeholder is responsible
Q135: <img src="https://d2lvgg3v3hfg70.cloudfront.net/C1178/.jpg" alt=" Refer to the
Q136: A security expert is working on a
Q137: Which step in the incident response process
Q138: <img src="https://d2lvgg3v3hfg70.cloudfront.net/C1178/.jpg" alt=" Refer to the
Q140: An engineer receives a security alert that
Q141: Which list identifies the information that the