
Question

Karl, a security professional at an organization, while analyzing Windows event logs, identified that a threat actor made multiple attempts to gain access to the organization's network but failed to do so due to strong security controls deployed on the network. Identify the type of event data discussed in the above scenario.

Group of answer choices:
Failure audit
Warning
Error
Success audit

Solution

The type of event data discussed in the scenario is a "Failure audit". This is because the threat actor made multiple attempts to gain access to the organization's network but failed due to strong security controls. A failure audit event is logged when an audited access attempt fails.
