Question 5As a security analyst, you are monitoring network traffic and detect a large number of failed login attempts. Which of the following tools would help you investigate this incident? Select two answers.1 pointAn intrusion detection system (IDS)A cryptographic encoderAn antivirus softwareA network protocol analyzer (packet sniffer)

James, a security team member, was assessing the security across organizational assets. He identified sudden fluctuations in the bandwidth consumption and repeated login attempts being made from remote hosts. Which of the following types of intrusion attempt James has identified in the above scenario?Group of answer choicesNetwork intrusionsSystem intrusionsFile system intrusionsPhysical intrusions

After receiving an alert about a suspicious login attempt, a security analyst can access their _____ to gather information about the alert.1 pointSIEM tool dashboardnetwork protocol analyzer (packet sniffer)internal infrastructureplaybook

Question 5As a security analyst, you are tasked with auditing your organization's network to identify security related issues. How might a network protocol analyzer (packet sniffer) help you perform this task?1 pointBy automating tasks that reduce human errorBy capturing and analyzing data traffic on the networkBy simulating attacks on connected devicesBy removing malware and viruses from the network

1.Question 1What is the primary purpose of logs during incident investigation?1 pointTo improve user experienceTo manage alert volumesTo provide a record of event detailsTo identify and diagnose system issues2.Question 2A security analyst wants to determine whether a suspicious login was successful. Which log type would be most useful for this purpose?1 pointAuthenticationNetworkSystem Firewall3.Question 3In the following log, what action does the log entry record?[ALLOW: wikipedia.org] Source: 192.167.1.1 Friday, 10 June 2022 11:36:121 point192.167.1.1SourceALLOWFriday, 10 June 2022 11:36:124.Question 4Fill in the blank: _____ is the process of examining logs to identify events of interest. 1 pointLog analysisLoggingLog forwarderLog file

1.Question 1What tool is designed to capture and analyze data traffic within a network?1 pointplaybooksecurity information and event management (SIEM)Structured Query Language (SQL)network protocol analyzer (packet sniffer)2.Question 2What type of tool uses dashboards to organize data into categories and allows analysts to identify potential security incidents as they happen?1 pointPythonLinuxnetwork protocol analyzers (packet sniffers)SIEM3.Question 3What can cybersecurity professionals use logs for?1 pointTo select which security team members will respond to an incidentTo identify vulnerabilities and potential security breachesTo research and optimize processing capabilities within a networkTo analyze data traffic within a network 4.Question 4Fill in the blank: A _____ is a manual that provides details about operational actions.1 pointchecklistdirectoryplaybookcase history