11.4 Security + Testout

You want to store your computer-generated audit logs in case they are needed in the future for examination or to be used as evidence in the event of a security incident. Which method can you use to ensure that the logs you put in storage have not been altered when you go to use them in the future?

Create a hash of each log.

What does hashing of log files provide?

Proof that the files have not been altered.

When a new IT employee is hired by your organization, you need to clearly inform her of the log retention policy. This policy includes details about all but which of the following?

What limitation of legal punishment or fines is supported by the organization.

Over the past few days, a server has gone offline and rebooted automatically several times. You would like to see a record of when each of these restarts has occurred. Which log should you check?

System

You have heard about a Trojan horse program where the compromised system sends personal information to a remote attacker or specific TCP port. You want to be able to easily tell whether any of your systems are sending data to the attacker. Which log would you monitor?

Firewall

Which of the following is a standard for sending log messages to a central logging server?

Syslog

You suspect that some of your computers have been hijacked and are being used to perform denial of service attacks directed against other computers on the Internet. Which log would you check to see if this is happening?

Firewall

You are interested in identifying the source of potential attacks that have recently been directed against your network but which have been successfully blocked. Which log would you check?

Firewall

You suspect that your Web server has been the target of a denial of service attack. You would like to view information about the number of connections to the server over the past three days. Which log would you most likely examine?

Performance

You are concerned that an attacker can gain access to your Web server, make modifications to the system, and alter the log files to hide his actions. Which of the following actions would best protect the log files?

Use the syslog to send the log entries to another server

You decide to use the syslog to send log entries from multiple servers to a central logging server. Which of the following are the most important considerations for your implementation? (Select two)

1. Clock synchronizations between all devices and 2. Disk space on the syslog server

You manage a firewall that connects your private network to the Internet. You would like to see a record of every packet that has been rejected by the firewall in the past month. Which tool should you use?

Event Logger

Which of the following best describes an audit daemon?

The trusted utility that runs a background process whenever auditing is enabled.

Which of the following is NOT included in a system level audit event? (Select two)

1. names of accessed files and 2. any actions performed by the user

The auditing feature of an operating system serves as what form of control when users are informed that their actions are being monitored?

Preventative
