100% satisfaction guarantee Immediately available after payment Both online and in PDF No strings attached
logo-home
ITN EXAM QUESTIONS AND CORRECT ANSWERS (ALREADY GRADED A+) $13.99   Add to cart

Exam (elaborations)

ITN EXAM QUESTIONS AND CORRECT ANSWERS (ALREADY GRADED A+)

 5 views  0 purchase
  • Course
  • ITN 260
  • Institution
  • ITN 260

ITN EXAM QUESTIONS AND CORRECT ANSWERS (ALREADY GRADED A+) Which can be the most valuable log for finding malware in a system? A) network B) WEB C) DNS C) IPFIX - Answer- C) DNS To best understand which machines are talking to each other, which of the following should be used? A) DNS l...

[Show more]

Preview 3 out of 26  pages

  • October 10, 2024
  • 26
  • 2024/2025
  • Exam (elaborations)
  • Questions & answers
  • ITN 260
  • ITN 260
avatar-seller
Scholarsstudyguide
ITN 260 2024-2025 EXAM QUESTIONS
AND CORRECT ANSWERS (ALREADY
GRADED A+)

Which can be the most valuable log for finding malware in a system?
A) network
B) WEB
C) DNS
C) IPFIX - Answer- C) DNS

To best understand which machines are talking to each other, which of the following
should be used?
A) DNS logs
B) NetFLow
C) network logs
D) SIEM alerts - Answer- B) NetFLow

To remotely log information using a centralized log server, which of the following
protocols should be used?
A) DNS
B) NetFlow
C) Syslog
D) IPFIX - Answer- C) Syslog

IPFIX is used for what?
A) Capturing which machines are in communication with each other
B) managing mobile messaging solutions
C) reading syslog files
D) DNS logs - Answer- A) Capturing which machines are in communication with each
other

Where can you find metadata showing where a picture was taken?
A) EXIF data
B) IPFIX data
C) E-mail metadata
D) SIP CTL - Answer- A) EXIF data

Which of these is not associated with syslog files?
A) journalctl
B) NXLog
C) SIP CTL
D) IPFIX - Answer- D) IPFIX

,Correlation does what with SIEM data?
A) Determines causes
B) Provides background contextual information
C) allows rule-based interpretation of data
D) All of the above - Answer- C) allows rule-based interpretation of data

What is one of the challenges of NetFlow data?
A) proprietary format
B) Excess data fields
C) record size
D) removing duplicate records along a path - Answer- D) removing duplicate records
along a path

What tool can be used to read system log data in Linux systems?
A) Any text editor
B) Journalctl
C) Web browser
D) protocol analyzer - Answer- B) Journalctl

Which of the following are issues that need to be determined as part of setting up a
SIEM solution? ( check all that apply)
A) Sensor placement
B) Log files and relevant fields
C) Desired alert conditions
D) DNS logging - Answer- A,B,C, & D

You have been directed by upper management to block employees from accessing
Facebook from the corporate machines. Which would be the easier way to exercise this
control?
A) Application allow list
B) Application block list
C) DLP
D) Content filtering - Answer- D) Content filtering

Having an expired certificate is an example of what type of error?
A) Mobile device management
B) configuration
C) application whitelisting
D) content filter/URL filter - Answer- B) configuration

A system-focused set of predetermined automation steps is an example of what?
A) isolation
B) Runbook
C) playbook
D) firewall rules - Answer- B) Runbook

, Your business application server sends data to partners using encrypted (Signed)
messages.. You hear from one of the partners that their messages have ceased
coming. What should you investigate?
A) Application whitelist
B) application blacklist
C) the playbook for the system
D) configuration settings of the process - Answer- D) configuration settings of the
process

You have kiosk-based machines in the lobby and scattered through the facility. They do
not require a login for guests to access certain items. what is the best way to protect
these machines from user introducing trojans?
A) Application allow list
B) application block list
C) data loss prevention
D) configuration settings of the process - Answer- A) Application allow list

To coordinate team activities during an incident response event, what is the best way to
communicate approved instructions?
A) Runbook
B) MDM solution
C) quarantine rule
D) playbook - Answer- D) playbook

Your security system has identified a specific executable as potentially dangerous.
What is the best way to handle the specific item that was identified?
A) segmentation
B) quarantine
C) firewall rule
D) playbook - Answer- B) quarantine

Your company has merged with another company, and it uses a different release of
accounting software than your company does. How could you provision user machines
in accounting so they will not inadvertently run the incorrect version?
A) Application allow listing
B) isolation
C) configuration associate with the application
D) application block listing - Answer- D) application block listing

You wish to keep people from using the internal mobile network to play games on their
personal phones. What would be the best method of managing this?
A) MDM
B) application block list
C) content filter
D) segmentation - Answer- A) MDM

The benefits of buying summaries with Stuvia:

Guaranteed quality through customer reviews

Guaranteed quality through customer reviews

Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.

Quick and easy check-out

Quick and easy check-out

You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.

Focus on what matters

Focus on what matters

Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!

Frequently asked questions

What do I get when I buy this document?

You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.

Satisfaction guarantee: how does it work?

Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.

Who am I buying these notes from?

Stuvia is a marketplace, so you are not buying this document from us, but from seller Scholarsstudyguide. Stuvia facilitates payment to the seller.

Will I be stuck with a subscription?

No, you only buy these notes for $13.99. You're not tied to anything after your purchase.

Can Stuvia be trusted?

4.6 stars on Google & Trustpilot (+1000 reviews)

67866 documents were sold in the last 30 days

Founded in 2010, the go-to place to buy study notes for 14 years now

Start selling
$13.99
  • (0)
  Add to cart