Question 1

Which HTTP header field is used in forensics to identify the type of browser used?

Options :

A : referrer

B : host

C : user-agent

D : accept-language

Answer: C

Question 2

What is the difference between a threat and a risk?

Options :

A : Threat represents a potential danger that could take advantage of a weakness in a system

B : Risk represents the known and identified loss or danger in the system

C : Risk represents the nonintentional interaction with uncertainty in the system

D : Threat represents a state of being exposed to an attack or a compromise, either physically or logically.

Answer: A

Question 3

Which incidence response step includes identifying all hosts affected by an attack?

Options :

A : detection and analysis

B : post-incident activity

C : preparation

D : containment, eradication, and recovery

Answer: D

Question 4

Which action should be taken if the system is overwhelmed with alerts when false positives and false negatives are compared?

Options :

A : Modify the settings of the intrusion detection system.

B : Design criteria for reviewing alerts.

C : Redefine signature rules

D : Adjust the alerts schedule.

Answer: A

Question 5

An analyst is investigating an incident in a SOC environment. Which method is used to identify a session from a group of logs?

Options :

A : sequence numbers

B : IP identifier

C : 5-tuple

D : timestamps

Answer: C

Higher Test Marks with Free Online 200-201 Exam Practice