barxatty [35]
3 years ago
12

A network security analyst received an alert about a potential malware threat on a user’s computer. What can the analyst review to get detailed information about this compromise? Check all that apply
Computers and Technology
1 answer:
kaheart [24]3 years ago
6 0

Complete Question:

A network security analyst received an alert about a potential malware threat on a user’s computer. What can the analyst review to get detailed information about this compromise? Check all that apply.

A. Logs.

B. Full Disk Encryption (FDE).

C. Binary whitelisting software.

D. Security Information and Event Management (SIEM) system.

Answer:

A. Logs.

D. Security Information and Event Management (SIEM) system.

Explanation:

If a network security analyst received an alert about a potential malware threat on a user’s computer, then in order to get detailed information about this compromise, the analyst should review both the logs and the Security Information and Event Management (SIEM) system.

In computer science, logs can be defined as records of events triggered by a user, the operating system and other software applications running on a computer. Log files are used to gather information stored on a computer such as user activities, system performance and software programs.

A Security Information and Event Management (SIEM) system is the process of gathering and integrating all the logs generated by a computer from various software applications, services, processes, or security tools.

These logs collected through the SIEM are shown in a format that is readable by the security analyst, and this helps in real-time detection of threats.

Hence, logs and SIEM systems are important tools for network security analysts for detection of threats in real-time and event management functions.
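The workflow described in the answer above, as an added example that is not part of the original answer: lines from three log sources are normalized into one event format and then narrowed to the alerted host around the time of the alert, which is the aggregation step a SIEM performs for the analyst. The log lines, field layouts, host names and function names are all constructed for illustration.

```python
import re
from datetime import datetime, timedelta

# Constructed sample lines from three sources (not real data).
RAW_LOGS = {
    "edr": [
        "2024-03-05T10:02:11Z host=WS-042 action=process_start image=inv.exe parent=WINWORD.EXE",
        "2024-03-05T10:40:00Z host=WS-017 action=process_start image=notepad.exe parent=explorer.exe",
    ],
    "proxy": [
        "2024-03-05T10:02:15Z WS-042 GET http://example.test/payload.bin 200",
        "2024-03-05T08:00:00Z WS-042 GET http://intranet.example.test/ 200",
    ],
    "av": ["2024-03-05T10:03:02Z WS-042 ALERT Trojan.Generic file=inv.exe"],
}

# Hypothetical per-source layouts; a real SIEM ships a parser per log format.
PATTERNS = {
    "edr": re.compile(r"(?P<ts>\S+) host=(?P<host>\S+) action=(?P<action>\S+) (?P<detail>.*)"),
    "proxy": re.compile(r"(?P<ts>\S+) (?P<host>\S+) (?P<action>GET|POST) (?P<detail>.*)"),
    "av": re.compile(r"(?P<ts>\S+) (?P<host>\S+) (?P<action>ALERT) (?P<detail>.*)"),
}

def normalize(raw_logs):
    """Parse every source's lines into one common event shape, sorted by time."""
    events = []
    for source, lines in raw_logs.items():
        for line in lines:
            m = PATTERNS[source].match(line)
            if not m:
                continue  # a real pipeline would keep the raw line for later review
            ev = m.groupdict()
            ev["ts"] = datetime.strptime(ev["ts"], "%Y-%m-%dT%H:%M:%SZ")
            ev["source"] = source
            events.append(ev)
    return sorted(events, key=lambda e: e["ts"])

def timeline_for_alert(events, host, window=timedelta(minutes=5)):
    """Events on the alerted host within +/- window of any AV alert on that host."""
    alerts = [e["ts"] for e in events if e["host"] == host and e["action"] == "ALERT"]
    return [e for e in events
            if e["host"] == host and any(abs(e["ts"] - a) <= window for a in alerts)]

if __name__ == "__main__":
    for e in timeline_for_alert(normalize(RAW_LOGS), "WS-042"):
        print(e["ts"].isoformat(), e["source"], e["action"], e["detail"])
```

Read in time order, the combined timeline places the process start, the download and the antivirus alert side by side, a sequence no single log shows on its own.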

You might be interested in
Different network scenarios require the
Vladimir [108]

Answer:

a) Viruses

Explanation:

Vulnerability assessment is performed by a variety of tools, and these can be protocol analyzers, vulnerability scanners, honeypots, port scanners, honeynets and banner grabbing tools.

Port scanners: They are used to scan the ports which can be exploited by attackers. Most TCP/IP applications communicate using different ports, and attackers can exploit these ports if they are found vulnerable. For example, ports like 80 and 443 are commonly used for HTTP and SSL communication. 22 is used for SSH, and if they are open to the world then it will allow attackers to use those to get entry into the system.

Protocol analyzers: They are used to analyze packet captures. Tools like Wireshark and tshark will help the user to decode HTTP/SSL/HTTPS/FTP/RSTP or any application protocol communication. This will help the user to understand any unwanted or non-anticipated traffic.

Vulnerability scanners: They are used to detect vulnerabilities in the network or systems. These will help administrators to get alerts whenever there is unanticipated activity. There are two types of scanners: one is the active scanner and the other is the passive scanner. Active scanners will keep on sending probes at fixed time slots, and passive scanners will be in listening mode all the time. These scanners will alert when a new node comes up or goes down or if any system gets compromised.

Honeypots and honeynets: They are devices or software which have limited security. These devices are made vulnerable purposefully so that attackers can try and attack. This will help software to detect the attackers when they try to exploit these open vulnerabilities. They are deceptions created with purpose.

Banner grabbing tools: These are tools which will capture banner information like the HTTP protocol version, underlying operating system, OpenSSL versions being used, server software and similar information. These are important as it will open up potential vulnerabilities in the underlying software. For example, SSLv3 has a vulnerability known to the world and can be exploited by anyone.

4 0
3 years ago
Several users on the second floor of your company's building are reporting that the network is down. you go to the second floor
Svetllana [295]

Answer:

Question users

Explanation:

Q:

Several users on the second floor of your company's building are reporting that the network …

A. Establish a plan of action

B. Question users...

A:

B. Question users

8 0
2 years ago
In this lab, you declare and initialize variables in a C++ program. The program, which is saved in a file named NewAge.cpp, calc
Ne4ueva [31]

Answer:

#include <iostream>

using namespace std;

int main() {
    int currentYear = 2020;
    int myCurrentAge = 23;
    int myNewAge = myCurrentAge + (2050 - currentYear);

    cout << "My Current Age is " << myCurrentAge << endl;
    cout << "I will be " << myNewAge << " in 2050." << endl;
}

Explanation:

  • Initialize the currentYear with 2020 and myCurrentAge with 23.
  • Add myCurrentAge to the result of (2015 - currentYear) and assign this result to the myNewAge variable.
  • Finally display my current age and after that display the new age in 2050.

Output:

My Current Age is 23

I will be 53 in 2050.

6 0
3 years ago
Your corporation hosts a Web site at the static public IP address 92.110.30.123.
ivann1987 [24]

Answer:

Check the explanation

Explanation:

In line with the question, we can now derive that:

The router's outside interface IP address will be 92.110.30.65.

The router's inside interface IP address will be 192.168.11.254.

The Web site's public IP address will be 92.110.30.123.

The private IP address of the backup Web server will be 192.168.11.110.

And when we say IP address, IP stands for Internet Protocol; it is a set of usual predefined rules which are utilized to administrate the manner in which data packets are sent over the internet. An IP address, which is typically just identified as an IP, is a sequence of figures used to uniquely recognize a computer/device on a particular network or on the internet space.

7 0
3 years ago
Intelligent computer uses _________ to learn.
Olenka [21]

Answer: a test

Explanation:

5 0
2 years ago