FedVTE Cyber Security Investigations Exam 2023 with complete solution
6 views 0 purchase
Course
FedVTE
Institution
FedVTE
FedVTE Cyber Security Investigations Exam 2023 with complete solution
Which of the following can be determined by capturing and analyzing network traffic?
A. Intent of Insider Threat actors and logs of their activity
B. Communication and connections between hosts
C. Open files and R...
FedVTE Cyber Security Investigations Exam 2023 with
complete solution
Which of the following can be determined by capturing and analyzing network
traffic?
A. Intent of Insider Threat actors and logs of their activity
B. Communication and connections between hosts
C. Open files and Registry handles on individual hosts
D. Firewall and Intrusion Detection rules for the gateway
B. Communication and connections between hosts
Which of the following is a method to detect an incident?
A. IDS alarm
B. Log analysis
C. 3rd Party Information
D. Public or attacker announcement
E. All of the above
F. None of the above
E. All of the above
Which of the following describes hash analysis?
A. Validating file integrity by matching before and after hash values
B. Organizing data sets into key and hash value pairs
C. Matching file hash values against a set of known hash values
D. Identifying file types by analyzing individual hash values
C. Matching file hash values against a set of known hash values
, Which of the following is NOT a goal of triage?
A. Quickly identify indicators of compromise
B. Identify vectors used to compromise the systems
C. Determine normal and abnormal network behavior
D. Determine which systems require in-depth analysis
C. Determine normal and abnormal network behavior
What is the order of the stages of attacker methodology?
A. Footprinting, Vulnerability Exploitation, Foothold, Damage
B. Footprinting, Foothold, Vulnerability Exploitation, Damage
C. Footprinting, Vulnerability Exploitation, Damage, Foothold
D. Vulnerability exploitation, Footprinting, Foothold, Damage
A. Footprinting, Vulnerability Exploitation, Foothold, Damage
Why are analysis of file signatures and file extensions helpful to investigators?
A. They can identify what the file type is and what the OS will try to open it with
B. They can determine if the file was corrupted during transfer
C. They can indicate obfuscation by showing when signatures and extensions do
not match
D. They can show if the file was executed by a user or if it was a drive-by
download
C. They can indicate obfuscation by showing when signatures and extensions do not
match
Subjective data has no purpose in Incident Response considerations.
A. True
B. False
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller magdamwikash23. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $9.49. You're not tied to anything after your purchase.