1.2 Given a scenario, analyze indicators of potentially malicious activity

Question 1

Some software installs or updates may modify the Windows ______ to change settings or add new ones, causing ________ anomalies

Answer 1

registry

Question 2

Implementing network segmentation can prevent _______ movement by attackers and limit their ability to access sensitive data

Answer 2

lateral

Question 3

Application log

Answer 3

Provides information about the application’s internal functions and operations, including any unauthorized changes.

Question 4

System log

Answer 4

Logs system events, such as startup and shutdown.

Question 5

Network mapping creates a ________ representation of the network

Answer 5

visual

Question 6

What is an irregular communication pattern in which a device sends repeated signals or message a command and control server to establish connection?

Answer 6

Beaconing

Question 7

Irregular __________ communication between two devices that are not typically in direct contact with each other, and it can indicate later movement of malware between endpoints

Answer 7

peer-to-peer