You are a security officer of a company. You had an alert from IDS that indicates that one PC on your
Intranet is connected to a blacklisted IP address (C2 Server) on the Internet. The IP address was
blacklisted just before the alert. You are staring an investigation to roughly analyze the severity of the
situation. Which of the following is appropriate to analyze?

Which is the first step followed by Vulnerability Scanners for scanning a network?

Log monitoring tools performing behavioral analysis have alerted several suspicious logins on a Linux server occuring during non-business hours. After further examination of all login activities, it is notices that none of the logins have occurred during typical work hours. A Linux administrator who is investigating this problem realized the system time on the Linux server is wrong by more than twelve hours. What protocol used on Linux serves to synchronize the time has stopped working?

The Open Web Application Security Project (OWASP) is the worldwide not-for-profit charitable organization focused on improving the security of software. What item is the primary concern on OWASP's Top Ten Project Most Critical Web Application Security Risks?

Which of the following is designed to identify malicious attempts to penetrate systems?