Copyright Goodheart-Willcox Co., Inc. 96

7. In order for log data to be aggregated to a single server, what is needed to provide this functionality?
   A. Syslog
   B. SOAR
   C. Event Viewer
   D. SIEM dashboard

8. Which type of vulnerability scan can provide the most accurate and detailed feedback regarding the state of vulnerabilities on a system?
   A. Credentialed scan
   B. Configuration compliance scan
   C. Non-credentialed scan
   D. Intrusive scan

9. Which security feature provides real-time analysis of centralized log data?
   A. Syslog
   B. SIM
   C. UBA
   D. SEM

10. Which of the following would indicate the best use of SOAR techniques in an enterprise network?
   A. The creation of standard baselines
   B. An immediate response to a potential threat can be launched.
   C. Provides the capabilities to correlate events from multiple servers
   D. It can normalize event data, making it more efficient for analysis.

LAB EXERCISES

Lab Activity 3-1: Startup Programs and Scheduled Tasks

In Windows, an easy way to locate startup programs is to run a Microsoft utility called msconfig. The Task Scheduler should also be examined for commands set to execute at a specific time.

1. Click the Windows Start button, and then enter msconfig in the search bar. Select msconfig.exe or System Configuration in the search results to launch the System Configuration utility.

2. In the System Configuration utility, click the Startup tab. In Windows 10, click the Open Task Manager link. In older versions of Windows, the startup information is accessed directly in the System Configuration utility.
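
The same inventory can be collected from a PowerShell prompt. The script below is an added example, not part of the lab activity; it lists startup entries and scheduled-task commands in one table. The Review column and the function Test-OutsideTrustedPath are illustrative assumptions: they mark commands whose path lies outside the Windows and Program Files directories as worth a closer look.

```powershell
# Added example: list startup entries and scheduled-task actions for review.
# Assumption: a command outside Windows or Program Files deserves a second look.
$trusted = @($env:SystemRoot, $env:ProgramFiles, ${env:ProgramFiles(x86)}) |
    Where-Object { $_ }

function Test-OutsideTrustedPath {   # hypothetical helper name
    param([string]$Command)
    if (-not $Command) { return $false }
    # Expand %windir%-style variables and drop a leading quote.
    $path = [Environment]::ExpandEnvironmentVariables($Command).Trim().Trim('"')
    # Bare names such as "cmd.exe" resolve through PATH and are not marked here.
    if ($path -notmatch '^[A-Za-z]:\\') { return $false }
    foreach ($root in $trusted) {
        if ($path.StartsWith($root + '\', [StringComparison]::OrdinalIgnoreCase)) {
            return $false
        }
    }
    return $true
}

# Startup programs: Run registry keys and Startup folders.
$startup = Get-CimInstance -ClassName Win32_StartupCommand | ForEach-Object {
    [pscustomobject]@{
        Source  = 'Startup'
        Name    = $_.Name
        Command = $_.Command
        Where   = $_.Location
        Review  = Test-OutsideTrustedPath $_.Command
    }
}

# Scheduled tasks: one row per action that runs a program.
$tasks = Get-ScheduledTask | ForEach-Object {
    $task = $_
    foreach ($action in ($task.Actions | Where-Object { $_.Execute })) {
        [pscustomobject]@{
            Source  = 'Task'
            Name    = $task.TaskName
            Command = "$($action.Execute) $($action.Arguments)".Trim()
            Where   = $task.TaskPath
            Review  = Test-OutsideTrustedPath $action.Execute
        }
    }
}

@($startup) + @($tasks) | Sort-Object Review -Descending |
    Format-Table -AutoSize -Wrap
```

Run it from an elevated prompt to include tasks that a standard user cannot read.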