I work in email and malware analysis project of US based Mssp. I have no experience in SOC/IR. So in one interview, they asked a question "Assume your organisation do not have EDR and SIEM tools, only a firewall. One endpoint is infected by a ransomware and constantly communicates with its C2s. How will you find out that one infected endpoint in firewall ?" submitted by /u/Terminator996
[link] [comments]
http://dlvr.it/T6QS21
Full width home advertisement
Blog Archive
-
▼
2024
(445)
-
▼
May
(56)
- SIEM Searches
- Pattern Scanning Intro (For Game Hacking)
- Seeking Advice on Balancing Security Controls and ...
- Exported Activity In Android Application Allowing ...
- Cybersecurity Analyst transitioning to Cloud Security
- Subdomain takeover via AWS s3 bucket
- Introducing cybersectools.com: The largest curated...
- Bug Bounty In 2024
- Buffer Overflow shell
- Earning with Exploits: The Bug Bounty Journey
- Network Penetration Testing: A Comprehensive Guide
- Tips & Tricks To Get Hall of Fame In NASA
- Top cybersecurity stories for the week of 05-20-24...
- How to Use ParamSpider Tool — For Bug Bounty
- Top Network Hacking Techniques Familiar with Every...
- Unfading Sea Haze - "new" APT targeting military a...
- How to find View Angles for Aimbots | Explained
- Search for feedback about Hash24Security Premium p...
- Pentesting: AI: WEB 1 | Privilege Escalation Attac...
- How do you monitor your security tools in your dep...
- How I Hacked NASA Using Google Dork in Just 10 Min...
- Walk-Through of Bepractical.tech lab #3
- Limits to the rabbit hole of soc investigation
- A Story of Zero-click complete Account Takeover
- Managed SIEM provider recommendations
- The Hacker’s Mind -Recon Mind map
- Pricing, POS, Broker to banker, Cybersecurity Tool...
- Windows Active Directory Least Privilege - Am I be...
- How to Create a Cloud Lab for Anonymous Bug Bounty...
- New Tools for Developers Bolster AI Cybersecurity ...
- Cybersecurity Tools Recommendation
- CVE-2024–4761: Exploiting Chrome’s JavaScript Engi...
- Let me introduce you to the Evil-M5Project 🚀
- XSS on TikTok
- Google introduces Gemini-powered cybersecurity too...
- Is Application Security going to be greatly reduce...
- 24.15 Lab: HTTP request smuggling, obfuscating the...
- New type of web vulnerability RPFI
- Today I am going to walk through bepractical.tech
- Digital Forensics
- NMAP Command Options
- Top cybersecurity stories for the week of 05-06-24...
- How I Discovered a CVE by Scanning Open Source Rep...
- Any advice on some training tools I can use for ba...
- Simple bug on Indian government website | Govt. bu...
- Network Infrastructure Recon
- [Serious] How to explain social media pursuasion t...
- Help with a project that does make sense ?
- BugBountyTraining Lab: FastFoodHackings Part 1
- Need answer for the question asked in interview
- Get Your First Award by Joining IDN Bootcamp Bug B...
- Top cybersecurity stories for the week of 04-29-24...
- Complex Attack Types: Sample Scenarios 3
- Those who have migrated on-prem VPN to SASE soluti...
- Managing cybersecurity in local government - multi...
- How would you approach to exploit a ReDos attack?
-
▼
May
(56)
Advertisement
LIVE CYBERTHREAT
Latest Trends
Contact Form
amcat question search
search Pentest tools
Total Pageviews
Search Blog
Copyright 2017, " Vpentest ". All rights Reserved.
| Designed by Colorlib
No comments:
Post a Comment