Chapter 7 Flashcards

1
Q

Which technology is a proprietary SIEM system?

SNMP agent
Splunk
Stealthwatch
NetFlow collector

A

Splunk

Security information and event management (SIEM) is a technology used in enterprise organizations to provide real-time reporting and long-term analysis of security events. Splunk is a proprietary SIEM system.

2
Q

Which term is used to describe legitimate traffic that is mistaken for unauthorized traffic by firewalls and IPSs?

True positive
True negative
False positive
False negative

A

False positive

Network security devices such as firewalls and intrusion prevention systems (IPSs) use preconfigured rules to identify malicious traffic on the network. Sometimes legitimate traffic is mistakenly identified as unauthorized or malicious. When legitimate traffic is incorrectly identified as unauthorized, it is known as a false positive.

3
Q

Which monitoring technology mirrors traffic flowing through a switch to an analysis device connected to another switch port?

SNMP
SIEM
SPAN
NetFlow

A

SPAN

When enabled on a switch, SPAN (also called port mirroring) copies frames sent and received by the switch and forwards them to another port, known as a Switch Port Analyzer port, to which an analysis device is attached.
