Which of the following is one of the fields that Covert TCP uses to transmit data?
What is the goal of the containment phase of incident handling?
Which of the following are countermeasures to prevent unauthorized database access attacks? Each correct answer represents a complete solution. (Choose all that apply.)
A system administrator finds the entry below in an Apache log. What can be done to mitigate against this? 192.168.116.201 - - [22/Apr/2016:13:43:26 -0400] `GET http://www.giac.org%2Farticles.php%3Fid%3D3+and+%28select+1+from+mysql.user+limit+0%2C1%29%3D1HTTP/1.1` 200 453 `-` `Mozilla/5.0 (Windows NT 6.1; WOW64; rv:45.0) Gecko/20100101 Firefox/45.0`
Adam works as an Incident Handler for Umbrella Inc. He has been sent to the California unit to train the members of the incident response team. As a demo project he asked members of the incident response team to perform the following actions:
- Remove the network cable wires.
- Isolate the system on a separate VLAN.
- Use a firewall or access lists to prevent communication into or out of the system.
- Change DNS entries to direct traffic away from compromised system.
Which of the following steps of the incident handling process includes the above actions?
In an attempt to contain an incident, the response team shut down a critical server without communicating with the Network Operations team. This led to upset management, poor customer service, and profit loss. The incident has since been closed, and Sam is leading a follow-up meeting. Which of the following questions is most appropriate for the focus of this meeting?