Register
Name three indicators that are valid IOC rules. a) Hash, IP, File Name b) User Activity, Network Connection, Timestamp c) Process Tree, File Permissions, Registry Key d) MAC Address, Log Details, Endpoint
177k views
3 votes
Name three indicators that are valid IOC rules.

a) Hash, IP, File Name
b) User Activity, Network Connection, Timestamp
c) Process Tree, File Permissions, Registry Key
d) MAC Address, Log Details, Endpoint Event

User Andrew Paramoshkin
by
7.4k points

1 Answer

5 votes

Final answer:

Three valid IOC rules are Hash, IP, and File Name.

Step-by-step explanation:

Three valid IOC (Indicators of Compromise) rules are:

  1. Hash: A cryptographic hash function that computes a fixed-size hash value for a given input. It can be used to identify if a file has been altered or is known to be malicious.
  2. IP: The Internet Protocol address, which uniquely identifies each device on a network. It can be used to track suspicious network activity or connections.
  3. File Name: The specific name or path of a file, which can indicate if it is associated with known malware or malicious activity.

User Newbee
by
7.2k points
Ask a Question
Welcome to QAmmunity.org, where you can ask questions and receive answers from other members of our community.

8.8m questions

11.4m answers

Other Questions

The book shows how to add and subtract binary and decimal numbers. However, other numbering systems are also very popular when dealing with computers. The octal (base 8) numbering system is one of these.
Seven basic internal components found in a computer tower
describe an advance in technology that makes life more enjoyable. what discoveries contribute to this technology?
Disadvantages of using animation in advertising? advantages and disadvantages of using animation for education? advantages and disadvantages of using animation in entertainment?
Explain why binary codes are used to represent characters, numbers and symbols :)
Link Copied!