13 Cards in this Set
- Front
- Back
What is the OS of the Spectrum Appliance?
|
-Linux
|
|
What three things are used to manage the Spectrum Appliance?
|
-Web Interface, SSH command console, NetWitness Administrator software
|
|
What are 7 differentiators of Spectrum?
|
-Looks for deviation of good
-100% protocol coverage
-Four examination methods
-Files examined before they reach host
-Root Cause Analysis in Investigator
-Can alert without 100% certainty
-Alert to SIEM
|
|
What are the 4 Spectrum views?
|
-Dashboard
-Events
-Files
-System
|
|
What three things can be displayed on the Dashboard?
|
-Charts/Timelines
-Heat Maps
-Geo Maps
|
|
What interactions are configured with Spectrum's System Tab?
|
-NetWitness Platform
-Internet Resources
-Local Environment
|
|
What are some options for searching in the Spectrum Advanced Search tab?
|
-Date Ranges
-MD5 hash
-Meta values
-File Type
|
|
What is the Community score in Spectrum analysis based on?
|
-Internet and security community-based review of meta and file information.
|
|
What is the NextGen score in Spectrum analysis based on?
|
-Information about the originating and related network sessions.
|
|
What is the Static score in Spectrum analysis based on?
|
-Inspection of code for signs of abnormality in the static state.
|
|
What is a NextGen or main platform Session referred to in Spectrum?
|
Event
|
|
What does a High Static, NextGen and Sandbox score but a low Community Score indicate?
|
-Possible Zero-Day Attack
|
|
What does a High Static, NextGen and Community score but a low Sandbox score indicate?
|
-Sandbox Aware Malware
|