Multiple Choice
A security engineer is investigating a compromise that occurred between two internal computers. The engineer has determined during the investigation that one computer infected another. While reviewing the IDS logs, the engineer can view the outbound callback traffic, but sees no traffic between the two computers. Which of the following would BEST address the IDS visibility gap?
A) Install network taps at the edge of the network.
B) Send syslog from the IDS into the SIEM.
C) Install HIDS on each computer.
D) SPAN traffic from the network core into the IDS.
Correct Answer:

Verified