Security Information and Event Management Quiz Questions and Answers

What are examples of SIEM logging sources?

Answer :
  • All of the Above

Where are Linux system logs found?

Answer :
  • /var/log

What is merging events containing different data into a reduced format that contains common event attributes called?

Answer :
  • Normalization

What is the sequence of a TCP connection?

Answer :
  • SYN-SYN ACK-ACK

The first phase of hacking an IT system is the compromise of which foundation of security?

Answer :
  • Confidentiality

How is IP address spoofing detected?

Answer :
  • Comparing the TTL values of the actual and spoofed addresses

Why would a ping sweep be used?

Answer :
  • To identify live systems

Which term best describes taking advantage of a weakness in the security of an IT system?

Answer :
  • Exploit

What is the purpose of a Denial of Service attack?

Answer :
  • To overload a system so it is no longer operational

Which of the following processes is used for verifying the identity of a user?

Answer :
  • Authentication