An organization performs regular updates to its network devices to alert and prevent access to streaming media sites by the employees. Each device will send logs and alerts to a centralized server for storage, archive, and analysis. Which of the following BEST describes the system that is correlating the data found in all alerts and logs?
Answer : A
The incident response team needs to track which user last connected to a specific Windows domain controller. Which of the following is the BEST way to identify that specific user?
Answer : D
During an investigation on Windows 10 system, a system administrator needs to analyze Windows event logs related to CD/DVD-burning activities. In which of the following paths will the system administrator find these logs?
Answer : B
During a network-based attack, which of the following data sources will provide the BEST data to quickly determine the attacker's point of origin? (Choose two.)
Answer : A, D
Which of the following commands should be used to print out ONLY the second column of items in the following file?
Answer : D