<< Prev Question Next Question >>

Question 13/48

In Microsoft Windows, as files are deleted the space they were allocated eventually is considered available for use by other files. This creates alternating used and unused areas of various sizes. What is this called?

LEAVE A REPLY

Your email address will not be published. Required fields are marked *

Question List (48q)
Question 1: DRAG DROP (Exhibit) Refer to the exhibit. Drag and drop the ...
Question 2: Which identifies both the source and destination location?...
3 commentQuestion 3: You see confidential data being exfiltrated to an IP address...
Question 4: What is accomplished in the identification phase of incident...
Question 5: (Exhibit) Refer to the exhibit. Which application protocol i...
Question 6: Which option filters a LibPCAP capture that used a host as a...
Question 7: Which statement about threat actors is true?...
Question 8: Which network device creates and sends the initial packet of...
Question 9: Which CVSSv3 metric value increases when attacks consume net...
Question 10: (Exhibit) Refer to the exhibit. We have performed a malware ...
Question 11: Which kind of evidence can be considered most reliable to ar...
2 commentQuestion 12: DRAG DROP Drag and drop the elements of incident handling fr...
Question 13: In Microsoft Windows, as files are deleted the space they we...
Question 14: Which source provides reports of vulnerabilities in software...
Question 15: An organization has recently adjusted its security stance in...
Question 16: Which option can be addressed when using retrospective secur...
1 commentQuestion 17: You see 100 HTTP GET and POST requests for various pages on ...
Question 18: DRAG DROP Drag and drop the type of evidence from the left o...
Question 19: Which component of the NIST SP800-61 r2 incident handling st...
Question 20: Which option allows a file to be extracted from a TCP stream...
Question 21: Which two HTTP header fields relate to intrusion analysis? (...
Question 22: What information from HTTP logs can be used to find a threat...
Question 23: Which option creates a display filter on Wireshark on a host...
Question 24: Which two components are included in a 5-tuple? (Choose two....
Question 25: Which option is generated when a file is run through an algo...
Question 26: Which CVSSv3 metric captures the level of access that is req...
1 commentQuestion 27: (Exhibit) Refer to the exhibit. Which type of log is this an...
Question 28: (Exhibit) Refer to the exhibit. What can be determined from ...
Question 29: Which process is being utilized when IPS events are removed ...
Question 30: Which CVSSv3 metric value increases when the attacker is abl...
Question 31: Which two options can be used by a threat actor to determine...
Question 32: Which element is part of an incident response plan?...
Question 33: Which stakeholder group is responsible for containment, erad...
Question 34: In VERIS, an incident is viewed as a series of events that a...
Question 35: Which type of analysis allows you to see how likely an explo...
Question 36: Which Security Operations Center's goal is to provide incide...
Question 37: From a security perspective, why is it important to employ a...
Question 38: (Exhibit) Refer to the exhibit. A customer reports that they...
1 commentQuestion 39: Which option is a misuse variety per VERIS enumerations?...
Question 40: What mechanism does the Linux operating system provide to co...
Question 41: Which CVSSv3 Attack Vector metric value requires the attacke...
Question 42: Which regular expression matches "color" and "colour"?...
Question 43: Which data type is protected under the PCI compliance framew...
Question 44: In the context of incident handling phases, which two activi...
Question 45: Which description of a retrospective malware detection is tr...
Question 46: During which phase of the forensic process is data that is r...
Question 47: A user on your network receives an email in their mailbox th...
Question 48: Which element is included in an incident response plan?...