Section 4.4

Demonstrate your acquired knowledge about explaining security alerting and monitoring concepts and tools. This will demonstrate your proficiency for section 4.4 of the Security+ SY0-701 objectives.

1. Verifying that malware definitions are up to date is a form of:
   a) Log aggregation
   b) Monitoring
   c) Scanning
   d) Archiving

2. Storing logs offsite for disaster recovery is:
   a) Scanning
   b) Archiving
   c) Alerting
   d) Quarantine

3. Capturing detailed application errors in real time uses:
   a) Vulnerability scan
   b) Dynamic agent logs
   c) SNMP traps
   d) Reporting

4. Automating rule-based log inspection often relies on:
   a) NetFlow aggregation
   b) SIEM correlation
   c) DLP quarantine
   d) SCAP benchmarks

5. Reducing noise before escalating events is part of:
   a) Reporting
   b) Alert tuning
   c) Archiving
   d) Scanning

6. Identifying unauthorized configuration changes uses:
   a) Quarantine rules
   b) DLP policies
   c) Log aggregation
   d) Alert tuning

7. Checking file integrity on servers is best done with:
   a) SNMP listener
   b) Agent-based monitoring
   c) Agentless scan
   d) NetFlow analysis

8. Ensuring logs conform to a standard format uses:
   a) Alerting
   b) SCAP
   c) NetFlow
   d) Quarantine

9. Finding missing patches and CVEs uses a:
   a) SIEM trap
   b) SCAP agent
   c) Vulnerability scanner
   d) DLP engine

10. Analyzing network traffic flows for anomalies is:
   a) Agentless audit
   b) NetFlow monitoring
   c) Bug bounty
   d) Alert tuning

11. Receiving notifications of device failures uses:
   a) SIEM alerts
   b) SNMP traps
   c) NetFlow logs
   d) DLP rules

12. Preventing confidential data from leaving endpoints uses:
   a) SNMP traps
   b) Vulnerability scan
   c) DLP
   d) SCAP

13. Detecting and removing malware in real time is done by:
   a) SIEM
   b) Antivirus
   c) DLP
   d) NetFlow

14. Centralizing event correlation and dashboards is a function of:
   a) NetFlow
   b) SIEM
   c) SCAP
   d) Benchmarks

15. Monitoring without local software uses which method?
   a) Antivirus agent
   b) Agentless polling
   c) SIEM reporting
   d) DLP quarantine

16. Software installed on endpoints to collect data is called:
   a) Agentless tool
   b) Agent
   c) Trap listener
   d) SIEM node

17. Pre-defined configuration checks are provided by:
   a) SIEM
   b) Agents
   c) Benchmarks
   d) Quarantine

18. Which protocol standardizes automated security checks?
   a) SNMP traps
   b) SCAP
   c) NetFlow
   d) DLP

19. Reducing false positives by adjusting rules is:
   a) Log aggregation
   b) Scanning
   c) Alert tuning
   d) Reporting

20. Automatically isolating a compromised host is an example of:
   a) Alert tuning
   b) Reporting
   c) Quarantine
   d) Archiving

21. Storing old logs for compliance is called:
   a) Alerting
   b) Archiving
   c) Triage
   d) Quarantine

22. Summarizing security events for executives is:
   a) Archiving
   b) Alert response
   c) Reporting
   d) Scanning

23. Periodically examining systems for missing patches is known as:
   a) Alert tuning
   b) Log aggregation
   c) Scanning
   d) Quarantine

24. Notifying staff immediately when a threshold is crossed describes:
   a) Scanning
   b) Alerting
   c) Archiving
   d) Reporting

25. Aggregating logs from servers, firewalls and endpoints is called:
   a) Alert tuning
   b) Log aggregation
   c) Vulnerability scanning
   d) Incident quarantine