A cybersecurity analyst is doing triage in a SIEM and notices that the time stamps between the firewall and the host under investigation are off by 43 minutes. Which of the following is the most likely scenario occurring with the time stamps?
A.
The NTP server is not configured on the host
B.
The cybersecurity analyst is looking at the wrong information
I would imagine that if the problem was with UTC time, then the logs would be asynchronised in intervals of 30 minutes or full hours, depending on which time zones are involved. This should be NTC issue in my opinion.
Even if the firewall is using UTC time, the difference would typically be an exact number of hours, like 1, 2, or 5 hours, depending on the time zone. A 43-minute difference suggests a clock drift rather than a time zone issue.
43-minute discrepancy between the firewall and the host timestamps is C
upvoted 2 times
...
This section is not available anymore. Please use the main Exam Page.CS0-003 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
FT000
Highly Voted 1 year, 2 months agoAndreasH
Highly Voted 1 year, 2 months agocy_analyst
Most Recent 7 months agoHL2020
1 year agoJhonattan0032
1 year, 2 months ago