Confidently Practice Online with Free ECSS Exam Cram

Robert, a security specialist, was appointed to strengthen the security of the organization's network. To prevent

multiple login attempts from unknown sources, Robert implemented a security strategy of issuing alerts or

warning messages when multiple failed login attempts are made.

Which of the following security risks is addressed by Robert to make attempted break-ins unsuccessful?

Bob, a forensic investigator, was instructed to review a Windows machine and identify any anonymous

activities performed using it. In this process. Bob used the command “netstat -ano" to view all the active

connections in the system and determined that the connections established by the Tor browser were closed.

Which of the following states of the connections established by Tor indicates that the Tor browser is closed?

Bob, a forensic investigator, is investigating a live Windows system found at a crime scene. In this process,

Bob extracted subkeys containing information such as SAM. Security, and software using an automated tool

called FTK Imager.

Which of the following Windows Registry hives' subkeys provide the above information to Bob?

Messy, a network defender, was hired to secure an organization's internal network. He deployed an IDS in

which the detection process depends on observing and comparing the observed events with the normal

behavior and then detecting any deviation from it.

Identify the type of IDS employed by Messy in the above scenario.

Michael, a forensic expert, was assigned to investigate an incident that involved unauthorized intrusion

attempts. In this process, Michael identified all the open ports on a system and disabled them because these

open ports can allow attackers to install malicious services and compromise the security of the system or

network.

Which of the following commands assisted Michael in identifying open ports in the above scenario?