A forensics analyst is analyzing an executable and thinks it may have some text of interest hidden within it. Which of the following tools can the analyst use to assist in validating the suspicion?
Answer : C
While performing standard maintenance on a UNIX server, a system administrator notices a set of large files with .tar .gz file extensions in the /tmp folder. The system administrator reports this to a security analyst. Performing further research, the analyst has found the .tar .gz files contain information normally housed on one of the bank's data servers. Given this scenario, which of the following is MOST likely occurring?
Answer : B
A logfile generated from a Windows server was moved to a Linux system for further analysis. A system administrator is now making edits to the file with vi and notices the file contains numerous instances of Ctrl-M (^M) characters. Which of the following command line tools is the administrator MOST likely to use to remove these characters from the logfile? (Choose two.)
Answer : A, C
A zero-day vulnerability is discovered on a company's network. The security analyst conducts a log review, schedules an immediate vulnerability scan, and quarantines the infected system, but cannot determine the root cause of the vulnerability. Which of the following is a source of information that can be used to identify the cause of the vulnerability?
Answer : C
Which of the following techniques allows probing firewall rule sets and finding entry points into a targeted system or network?
Answer : D
A security analyst for a financial services firm is monitoring blogs and reads about a zero-day vulnerability being exploited by a little-known group of hackers. The analyst wishes to independently validate and corroborate the blog's posting. Which of the following sources of information will provide the MOST credible supporting threat intelligence in this situation?
Answer : C
A high-level government official uses anonymous bank accounts to transfer a requested amount of funds to individuals in another country. These individuals are known for defacing government websites and exfiltrating sensitive data. Which of the following BEST describes the involved threat actors?
Answer : D