Tools & Security Frameworks

Question 1

What does Wireshark do?

Answer 1

Captures and analyzes network packets

Question 2

What is the NIST cybersecurity framework?

Answer 2

Guidelines for cybersecurity best practices

Question 3

What is syslog used for?

Answer 3

Logging standard for system events

Question 4

What device inspects and filters traffic entering and leaving a network?

Answer 4

Firewall

Question 5

What network design separates public-facing services from the internal network?

Answer 5

DMZ (Demilitarized Zone)

Question 6

Why would an organization use VLANs?

Answer 6

To segment network traffic for security and performance

Question 7

A user connects remotely to the office securely over the internet. What are they likely using?

Answer 7

VPN (Virtual Private Network)

Question 8

A security analyst uses Wireshark to examine a packet in detail. What are they likely doing?

Answer 8

Network traffic analysis

Question 9

Which tool would you use to correlate logs from multiple devices?

Answer 9

SIEM (Security Information and Event Management)

Question 10

What does Nmap help identify on a remote host?

Answer 10

Open ports and services

Question 11

What is syslog used for in enterprise environments?

Answer 11

Standardized event logging