Crowdly
Add to Chrome
IT8510 - Threat Intelligence and Hunting
Looking for IT8510 - Threat Intelligence and Hunting test answers and solutions? Browse our comprehensive collection of verified answers for IT8510 - Threat Intelligence and Hunting at moodle.polytechnic.bh.
Get instant access to accurate answers and detailed explanations for your course questions. Our community-driven platform helps students succeed!
A cybersecurity analyst is configuring Wazuh on a Bodhi Linux system to monitor authentication attempts. The goal is to forward `/var/log/auth.log` entries to the Wazuh manager for analysis and alerting. The analyst is editing the `ossec.conf` file and must ensure that the correct configuration is placed within the `<logcollector>` section.Which of the following configuration blocks will successfully collect and forward authentication logs?
❌
❌
❌
✅
View this question
Which command-line tool is used to detect WMI event subscriptions?
✅
❌
❌
❌
View this question
When using a Netcat backdoor listener for shell access, under which user ID will the commands be executed?
0%
0%
0%
0%
View this question
What single command could an attacker run from a Meterpreter shell to determine the OS version of a Windows machine?
0%
0%
0%
0%
View this question
What is the primary goal of threat intelligence in cybersecurity?
❌
❌
❌
✅
View this question
What is the likely impact of this command?
0%
0%
0%
0%
View this question
What is characteristic of the following commands run between the Linux host wbprod1 and John-Smiths-MacBook-Pro?
0%
0%
0%
0%
View this question
During routine monitoring, a SOC analyst sees a surge in failed VPN login attempts followed by successful access from a foreign IP. What analysis technique would best correlate these events?
0%
0%
0%
0%
View this question
During a forensic investigation, you notice a legitimate Windows process loading a foreign payload. What is this technique called?
✅
❌
❌
❌
View this question
A company is experiencing frequent SMB scanning attempts on their network. What is the best way to mitigate this threat?
0%
0%
0%
0%
View this question