Multiple Choice
Refer to the exhibit. An engineer is analyzing this Vlan0392-int12-239.pcap file in Wireshark after detecting suspicious network activity. The origin header for the direct IP connections in the packets was initiated by a Google Chrome extension on a WebSocket protocol. The engineer checked message payloads to determine what information was being sent off-site, but the payloads are obfuscated and unreadable. What does this STIX indicate?
A) The extension is not performing as intended because of restrictions since ports 80 and 443 should be accessible
B) The traffic is legitimate as the Google Chrome extension is reaching out to check for updates and fetches this information
C) There is a possible data leak because payloads should be encoded as UTF-8 text
D) There is malware that is communicating via encrypted channels to the command and control server
Correct Answer:

Verified