Question 1easymultiple choice
Read the full VPN explanation →SSCP Risk Identification, Monitoring and Analysis • Complete Question Bank
Complete SSCP Risk Identification, Monitoring and Analysis question bank — all 0 questions with answers and detailed explanations.
Refer to the exhibit. Oct 15 09:23:45 server01 sshd[1234]: Failed password for root from 192.168.1.100 port 22 ssh2 Oct 15 09:23:46 server01 sshd[1234]: Failed password for root from 192.168.1.100 port 22 ssh2 Oct 15 09:23:47 server01 sshd[1234]: Failed password for root from 192.168.1.100 port 22 ssh2 Oct 15 09:23:48 server01 sshd[1234]: Failed password for root from 192.168.1.100 port 22 ssh2 Oct 15 09:23:49 server01 sshd[1234]: Failed password for root from 192.168.1.100 port 22 ssh2
Refer to the exhibit.
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": "s3:GetObject",
"Resource": "arn:aws:s3:::example-bucket/*",
"Condition": {
"IpAddress": {
"aws:SourceIp": "10.0.0.0/8"
}
}
},
{
"Effect": "Allow",
"Action": "s3:ListBucket",
"Resource": "arn:aws:s3:::example-bucket",
"Principal": "*"
}
]
}Drag steps to the numbered slots on the right, or tap a step then tap a slot.
Drag steps to the numbered slots on the right, or tap a step then tap a slot.
Drag a concept onto its matching description — or click a concept then click the description.
Firewall
IDS
Backup restoration
Warning signs
Drag a concept onto its matching description — or click a concept then click the description.
Defines proper use of resources
Requirements for password strength
Categorizes data sensitivity
Procedures for handling breaches
Refer to the exhibit. [alert from SIEM] Alert: High Priority Rule: Possible Brute Force Attack Source IP: 192.168.1.50 Target: Server 10.0.0.10 Count: 150 failed logins in 5 minutes Time: 2024-03-21 14:32:15 [additional log from authentication server] Log: Successful login from 192.168.1.50 to 10.0.0.10 at 14:34:20 for user 'admin'.
Refer to the exhibit. [Vulnerability Scan Report Excerpt] Host: 10.0.0.15 Port: 3389 (RDP) Vulnerability: CVE-2024-1234 - Critical CVSS Score: 9.8 Description: Remote Code Execution in RDP Patch: KB4567890 available from vendor [Patch Management Database] Host 10.0.0.15: Last patched 2023-12-01. Patches applied: KB123456, KB789012. KB4567890 not applied. [Asset Criticality] 10.0.0.15: Critical, used for financial operations.
Refer to the exhibit. [NetFlow Record] Time: 2024-03-21 10:00:00 - 10:05:00 Source IP: 10.0.0.1 Destination IP: 203.0.113.5 Port: 443 (HTTPS) Bytes: 1500 [NetFlow Record] Time: 2024-03-21 10:05:00 - 10:10:00 Source IP: 10.0.0.1 Destination IP: 203.0.113.5 Port: 443 (HTTPS) Bytes: 2000 [NetFlow Record] Time: 2024-03-21 10:10:00 - 10:15:00 Source IP: 10.0.0.1 Destination IP: 203.0.113.5 Port: 443 (HTTPS) Bytes: 2500
Refer to the exhibit. [IDS Alert] Timestamp: 2025-02-18 14:23:45 Source IP: 10.10.10.5 -> Destination IP: 192.168.1.100 Signature: ET WEB_SPECIFIC SQL Injection Attempt Payload: ' OR '1'='1' --
Refer to the exhibit. [Linux auth.log] Feb 18 10:15:22 server sshd[1234]: Failed password for root from 203.0.113.5 port 22 ssh2 Feb 18 10:15:23 server sshd[1234]: Failed password for root from 203.0.113.5 port 22 ssh2 ... (50 more identical lines) Feb 18 10:15:25 server sshd[1234]: Accepted password for root from 203.0.113.5 port 22 ssh2
Refer to the exhibit. [Firewall Rule - Policy] Rule ID: 10 Source: Any Destination: 10.10.10.0/24 Port: 1433 Action: Allow Logging: Enabled Rule ID: 15 Source: 10.10.10.0/24 Destination: Any Port: 445 Action: Allow Logging: Disabled
Refer to the exhibit. 2019-05-22 10:15:30 192.168.1.10 TCP_MISS/200 1256 GET http://malware.com/evil.exe - DIRECT/203.0.113.5 text/html 2019-05-22 10:15:31 192.168.1.20 TCP_MISS/200 1042 GET http://malware.com/evil.exe - DIRECT/203.0.113.5 application/x-msdownload 2019-05-22 10:15:34 192.168.1.10 TCP_MISS/200 1256 GET http://malware.com/evil.exe - DIRECT/203.0.113.5 text/html 2019-05-22 10:15:35 192.168.1.20 TCP_MISS/200 1042 GET http://malware.com/evil.exe - DIRECT/203.0.113.5 application/x-msdownload
Refer to the exhibit.
{
"eventVersion": "1.05",
"userIdentity": {
"type": "Root",
"arn": "arn:aws:iam::123456789012:root",
"accountId": "123456789012"
},
"eventTime": "2020-03-15T14:30:00Z",
"eventSource": "ec2.amazonaws.com",
"eventName": "AuthorizeSecurityGroupIngress",
"sourceIPAddress": "10.0.0.5",
"requestParameters": {
"groupId": "sg-12345678",
"ipPermissions": {
"items": [
{
"ipProtocol": "tcp",
"fromPort": 3389,
"toPort": 3389,
"ipRanges": [
{
"cidrIp": "0.0.0.0/0"
}
]
}
]
}
}
}Refer to the exhibit. Oct 12 14:23:45 server sshd[1234]: Failed password for root from 192.168.1.200 port 22 ssh2 Oct 12 14:23:47 server sshd[1234]: Failed password for root from 192.168.1.200 port 22 ssh2 Oct 12 14:23:49 server sshd[1234]: Failed password for root from 192.168.1.200 port 22 ssh2 Oct 12 14:23:51 server sshd[1234]: Failed password for root from 192.168.1.200 port 22 ssh2