1. A large amount of failed logon attempts for the same login ID can mean (choose one or more)
a. A misconfigured benign program
b. An attacker performing brute force password guessing
c. An attacker performing a password spraying attack
d. An operational vulnerability scanner
2. A large amount of successful logon attempts using the same login ID can mean (choose one or more)
a. An operational vulnerability scanner
b. An attacker performing password spraying
c. A compromised service account
d. Malware is using a stolen credential
3. Which of the following statements about web proxy is true? (choose one or more)
a. Web proxy can be used to detect malware from drive-by download attacks
b. Web proxy can be used to collect all inbound and outbound web surfing traffic
c. Web proxy can be used to examine all encrypted HTTPS traffic
d. Web proxy can be used to stop suspicious outbound web traffic
4. Which of the following statements about threat detection using HTTP traffic is true? (choose one or more)
a. Short URLs are suspicious
b. Detect C2 traffic using Naked IP
c. Monitoring 404 return code from YOLP.com server can detect an attacker's reconnaissance scan
d. Monitoring successful requests to YOLP.com can detect malicious web crawlers
1. A large amount of failed logon attempts for the same login ID can mean
Answer: An attacker performing brute force password guessing
A brute-force attack consists of an attacker submitting many passwords or passphrases with the hope of eventually guessing correctly.
3) Answers
b. Web proxy can be used to collect all inbound and outbound web surfing traffic
c. Web proxy can be used to examine all encrypted HTTPS traffic
d. Web proxy can be used to stop suspicious outbound web traffic
Web proxy cannot be used to detect malware from drive-by download attacks.
I was only sure about two questions.
If you have any doubts, leave a comment below and I'll help you out.