
Question


1. The main purpose of Sysmon is to help with what?

a. Forensics

b. Blocking malware

c. Blocking network-based attacks

2. Where are Sysmon events in Windows 10/Windows 2016 readable?

a. System Log

b. Security Log

c. Application and Services Logs

3. Which command line tool verifies if an app is 32- or 64-bit?

a. SigCheck

b. VerCheck

c. PlatInfo

4. Which one of the following tools is great for finding insecure shares on the network?

a. ShareEnum

b. AccessChk

c. AccessEnum

5. More detailed information on different logons can be viewed with:

a. SystemInfo.exe

b. LogonSessions.exe

c. Process Explorer

6. What file is loaded into the registry when a user logs on?

a. NTUSER.MAN

b. DEFAULT.DAT

c. NTUSER.DAT

7. The last part of a Security Identifier (SID) is:

a. TID

b. RID

c. PID

8. An Access Token is refreshed for a user during:

a. Reboot

b. Logon

9. With which command would you verify Sysmon driver installation?

a. FLTMC

b. SYSMONCMD

c. MSSYSMONCMD

d. GPUPDATE

10. Which part of the Security Descriptor houses the Auditing settings?

a. Ownership

b. SACL

c. DACL
