Mike is an incident handler for PNP Infosystems Inc. One day, there was a ticket raised regarding a critical incident and Mike was assigned to handle the incident. During the process of incident handling, at one stage, he has performed incident analysis and validation to check whether the incident is a true incident or a false positive.
Identify the stage in which he is currently in.

• A.Incident Triage
• B.Incident Disclosure
• C.Post-Incident Activities
• D.Incident Recording and Assignment

Comment: *

Name: *

Email: *

Verification: *

Which of the following contains the performance measures, and proper project and time management details?

• A.Incident Response Policy
• B.Incident Response Tactics
• C.Incident Response Process
• D.Incident Response Procedures

Correct Answer: A

Comment: *

Name: *

Email: *

Verification: *

Which of the following command is used to enable logging in iptables?

• A.$ iptables -A OUTPUT -j LOG
• B.$ iptables -A INPUT -j LOG
• C.$ iptables -B INPUT -j LOG
• D.$ iptables -B OUTPUT -j LOG

Comment: *

Name: *

Email: *

Verification: *

John as a SOC analyst is worried about the amount of Tor traffic hitting the network. He wants to prepare a dashboard in the SIEM to get a graph to identify the locations from where the TOR traffic is coming.
Which of the following data source will he use to prepare the dashboard?

• A.IIS/Web Server logs with IP addresses and user agent IPtouseragent resolution.
• B.Apache/ Web Server logs with IP addresses and Host Name.
• C.DHCP/Logs capable of maintaining IP addresses or hostnames with IPtoName resolution.
• D.DNS/ Web Server logs with IP addresses.

Comment: *

Name: *

Email: *

Verification: *

Rinni, SOC analyst, while monitoring IDS logs detected events shown in the figure below.

What does this event log indicate?

• A.Parameter Tampering Attack
• B.XSS Attack
• C.SQL Injection Attack
• D.Directory Traversal Attack

Comment: *

Name: *

Email: *

Verification: *