An engineer received an alert affecting the degraded performance of a critical server Analysis showed a heavy CPU and memory load. What is the next step the engineer should take to investigate this resource usage?
What is the difference between a threat and a risk?
Which two elements of the incident response process are stated in NIST SP 800-61 r2? (Choose two.)
An engineer must verify vulnerabilities found in the scanning process The engineer checks the impact of those findings to the organization and compares the results with known threats inside organization What is the benefit of knowing this information?
After a large influx of network traffic to externally facing devices, a security engineer begins investigating what appears to be a denial of service attack When the packet capture data is reviewed, the engineer notices that the traffic is a single SYN packet to each port Which type of attack is occurring?
What is a difference between rule-based and role-based access control mechanisms?
While viewing packet capture data, an analyst sees that one IP is sending and receiving traffic for multiple devices by modifying the IP header.
Which technology makes this behavior possible?
What is a purpose of a vulnerability management framework?

Refer to the exhibit. Where is the executable file?
Drag and drop the technology on the left onto the data type the technology provides on the right.



Refer to the exhibit.

What is occurring?
What is the name of the technology that searches for and reports on known weaknesses and flaws present in an organization's IT infrastructure?
Refer to the exhibit.

Which type of evidence is this file?
What are two denial of service attacks? (Choose two.)
A security expert is working on a copy of the evidence, an ISO file that is saved in CDFS format. Which type of evidence is this file?