1.Question 1What is the primary purpose of logs during incident investigation?1 pointTo improve user experienceTo manage alert volumesTo provide a record of event detailsTo identify and diagnose system issues2.Question 2A security analyst wants to determine whether a suspicious login was successful. Which log type would be most useful for this purpose?1 pointAuthenticationNetworkSystem Firewall3.Question 3In the following log, what action does the log entry record?[ALLOW: wikipedia.org] Source: 192.167.1.1 Friday, 10 June 2022 11:36:121 point192.167.1.1SourceALLOWFriday, 10 June 2022 11:36:124.Question 4Fill in the blank: _____ is the process of examining logs to identify events of interest. 1 pointLog analysisLoggingLog forwarderLog file

What is the primary purpose of logs during incident investigation?1 分To improve user experienceTo manage alert volumesTo provide a record of event detailsTo identify and diagnose system issues

Question 1Which of the following statements correctly describe logs? Select two answers.1 pointLogs helps identify vulnerabilities and potential security breaches. A log is used as a formal guide to incident response.Security professionals use logs to automate tasks.A business might log each time an employee accesses web-based services.

1.Question 1Which of the following statements correctly describe logs? Select two answers.1 pointA business might log each time an employee accesses web-based services.Logs helps identify vulnerabilities and potential security breaches. Security professionals use logs to automate tasks.A log is used as a formal guide to incident response.2.Question 2Which of the following tasks can be performed using SIEM tools? Select three answers.1 pointProactively searching for threats Providing alerts for specific types of risksNotifying authorities of illegal activityPerforming incident analysis3.Question 3A cybersecurity analyst needs to collect data from multiple places to analyze filtered events and patterns. What type of tool should they use?1 pointSecurity information and event management (SIEM)Linux operating systemPlaybooknetwork protocol analyzer (packet sniffer)4.Question 4Fill in the blank: A security team uses a _____ to help them document organizational processes from beginning to end.1 pointtoolkitplaybookgraphlegend5.Question 5As a security analyst, you are monitoring network traffic to ensure that SPII data is not being accessed by unauthorized users. What does this scenario describe?1 pointUsing a network protocol analyzer (packet sniffer)Programming with codeCalculating with formulasGathering data in a spreadsheet6.Question 6What are some key benefits of programming languages? Select all that apply.1 pointThey execute repetitive processes accurately.They install security hardware.They can be used to create a specific set of instructions for a computer to execute tasks.They filter through data points faster than humans can working manually.7.Question 7What term is used to describe publicly available systems, such as Linux? 1 pointFree-for-allRestrictedUnregulatedOpen-source8.Question 8Fill in the blank: Security professionals can use _____ to interact with and request information from a database.1 pointSQLlogsnetwork protocol analyzers (packet sniffers)playbooks9.Question 9What are some key benefits of using Python to perform security tasks? Select all that apply. 1 point It is designed for high levels of accuracy.It makes static data more dynamic. It helps security professionals be more accurate.It simplifies repetitive tasks.

Question 3What can cybersecurity professionals use logs for?1 pointTo analyze data traffic within a network To identify vulnerabilities and potential security breachesTo research and optimize processing capabilities within a networkTo select which security team members will respond to an incident

1.Question 1Which of the following statements correctly describe logs? Select three answers.1 pointSecurity teams monitor logs to identify vulnerabilities and potential data breaches. Outbound requests to the internet from within a network are recorded in a firewall log.Actions such as login requests are recorded in a server log.Connections between devices and services on a network are recorded in a firewall log.2.Question 2What are some of the key benefits of SIEM tools? Select three answers.1 pointEliminate the need for manual review of logsProvide event monitoring and analysisCollect log data from different sourcesSave time3.Question 3Fill in the blank: Software application _____ are technical attributes, such as response time, availability, and failure rate.1 pointSIEM toolsdashboardslogsmetrics4.Question 4A security team chooses to implement a SIEM tool that will be managed and maintained by the organization's IT department, rather than a third-party vendor. What type of tool are they using?1 pointHybridDepartment-hostedCloud-hostedSelf-hosted5.Question 5You are a security professional, and you want to save time by using a SIEM tool that will be managed by a provider and only be accessible through the internet. What type of tool do you choose?1 pointHybridIT-hostedSelf-hostedCloud-hosted6.Question 6Fill in the blank: SIEM tools retain, analyze, and search an organization's _____ to provide security information and alerts.1 pointlog datacloud applicationsdatabasehardware7.Question 7A security analyst receives an alert about hundreds of login attempts from unusual geographic locations within the last few minutes. What can the analyst use to review a timeline of the login attempts, locations, and time of activity?1 pointA SIEM tool dashboard A network protocol analyzer (packet sniffer) A playbookAn operating system8.Question 8Which type of tool typically requires users to pay for usage?1 pointCloud nativeProprietary Self-hostedOpen-source