false negative
Which of the following attack can be eradicated by converting all non-alphanumeric characters to
HTML character entities before displaying the user input in search engines and forums?
C
Reference:
https://ktflash.gitbooks.io/ceh_v9/content/125_countermeasures.html
Which attack works like a dictionary attack, but adds some numbers and symbols to the words from
the dictionary and tries to crack the password?
B
Reference:
https://www.techrepublic.com/article/brute-force-and-dictionary-attacks-a-cheat-sheet/
Jony , a security analyst, while monitoring IIS logs, identified events shown in the figure below.
What does this event log indicate?
A
Identify the HTTP status codes that represents the server error.
D
Reference:
https://www.tutorialspoint.com/http/http_status_codes.htm
Emmanuel is working as a SOC analyst in a company named Tobey Tech. The manager of Tobey Tech
recently recruited an Incident Response Team (IRT) for his company. In the process of collaboration
with the IRT, Emmanuel just escalated an incident to the IRT.
What is the first step that the IRT will do to the incident escalated by Emmanuel?
C
David is a SOC analyst in Karen Tech. One day an attack is initiated by the intruders but David was not
able to find any suspicious events.
This type of incident is categorized into ?
C
false negative
Which of the following service provides phishing protection and content filtering to manage the
Internet experience on and off your network with the acceptable use or compliance policies?
C
Reference:
https://www.spamtitan.com/web-filtering/category/cybersecurity-advice/
InfoSystem LLC, a US-based company, is establishing an in-house SOC. John has been given the
responsibility to finalize strategy, policies, and procedures for the SOC.
Identify the job role of John.
B
Reference:
https://www.exabeam.com/security-operations-center/security-operations-center-roles-
and- responsibilities/
If the SIEM generates the following four alerts at the same time:
I. Firewall blocking traffic from getting into the network alerts
II. SQL injection attempt alerts
III. Data deletion attempt alerts
IV. Brute-force attempt alerts
Which alert should be given least priority as per effective alert triaging?
D
Which of the following threat intelligence helps cyber security professionals such as security
operations managers, network operations center and incident responders to understand how the
adversaries are expected to perform the attack on the organization, and the technical capabilities
and goals of the attackers along with the attack vectors?
D
Reference:
https://info-savvy.com/types-of-threat-intelligence/
Charline is working as an L2 SOC Analyst. One day, an L1 SOC Analyst escalated an incident to her for
further investigation and confirmation. Charline, after a thorough investigation, confirmed the
incident and assigned it with an initial priority.
What would be her next action according to the SOC workflow?
B
she should foraly raise an ticket
Which of the following tool can be used to filter web requests associated with the SQL Injection
attack?
B
Reference:
https://aip.scitation.org/doi/pdf/10.1063/1.4982570
Which of the following process refers to the discarding of the packets at the routing level without
informing the source that the data did not reach its intended recipient?
C
Reference:
https://en.wikipedia.org/wiki/Black_hole_(networking)#:~:text=In%20networking%2C%20black%
20holes%20refer,not%20reach%20its%20intended%20recipient.
John as a SOC analyst is worried about the amount of Tor traffic hitting the network. He wants to
prepare a dashboard in the SIEM to get a graph to identify the locations from where the TOR traffic is
coming.
Which of the following data source will he use to prepare the dashboard?
D
Which of the following contains the performance measures, and proper project and time
management details?
D
XSS Attacks