Which attack method intercepts traffic on a switched network?
An engineer is analyzing a recent breach where confidential documents were altered and stolen by the receptionist. Further analysis shows that the threat actor connected an external USB device to bypass security restrictions and steal data. The engineer could not find an external USB device. Which piece of information must an engineer use for attribution in an investigation?
Which type of evidence supports a theory or an assumption that results from initial evidence?
What is a difference between inline and tap mode traffic monitoring?