cyberops

University

9 Qs

Assessment

Quiz

Special Education, Computers, Life Skills

Medium

Created by

S. Lestariningati

1.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Which personnel in a SOC is assigned the task of verifying whether an alert triggered by monitoring software represents a true security incident?

Tier 1 Personnel

Tier 2 Personnel

Tier 3 Personnel

SOC Manager

2.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

After a security incident is verified in a SOC, an incident responder reviews the incident but cannot identify the source of the incident and form an effective mitigation procedure. To whom should the incident ticket be escalated?

the SOC manager to ask other personnel to be assigned

an alert analyst for further analysis

a cyberoperations analyst for help

a SME for further investigation

3.

MULTIPLE SELECT QUESTION

45 sec • 1 pt

Which two services are provided by security operations centers? (Choose two.)

responding to data center physical break-ins

monitoring network security threats

managing comprehensive threat solutions

ensuring secure routing packet exchanges

providing secure internet connections

4.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Which organization is an international nonprofit organization that offers the CISSP certification?

CompTIA

(ISC)2

IEEE

GIAC

Answer explanation

(ISC)2 is an international nonprofit organization that offers the CISSP certification.

5.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

What is a benefit to an organization of using SOAR as part of the SIEM system?

SOAR was designed to address critical security events and high-end investigation.

SOAR would benefit smaller organizations because it requires no cybersecurity analyst involvement once installed.

SOAR automates incident investigation and responds to events using workflows based on playbooks.

SOAR automation guarantees an uptime factor of “5 nines”.

Answer explanation

SIEM systems are used for collecting and filtering data, detecting and classifying threats, and analyzing and investigating threats. SOAR technology does the same as a SIEM but also adds automation: it integrates threat intelligence, automates incident investigation, and responds to events using response workflows based on previously developed playbooks.
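
The playbook-driven response described in this explanation, and the Tier 1 verification and Tier 2 escalation covered in questions 1 and 2, as an added example that is not part of the quiz or of any SOAR product. The threat-intelligence feed, the known-false-positive list, the alerts and the "tier2" escalation target are constructed sample data and illustrative assumptions:

```python
"""Playbook-driven alert triage of the kind a SOAR platform automates.

Added example, not from the quiz or from any vendor's product. The intel feed,
false-positive list and alerts are constructed sample data; the step names
and the 'tier2' escalation target are illustrative assumptions.
"""
from dataclasses import dataclass, field
from typing import List, Optional

# Constructed threat-intelligence feed: indicator -> (verdict, confidence 0-100).
# 203.0.113.0/24 is a documentation range, so the address is safe to embed.
THREAT_INTEL = {
    "203.0.113.45": ("malicious", 90),
    "badupdate.example": ("malicious", 80),
    "sha256:e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855": ("benign", 95),
}

# (host, rule) pairs Tier 1 has already verified as noise (constructed).
KNOWN_FALSE_POSITIVES = {("vuln-scanner-01", "port_scan")}


@dataclass
class Alert:
    alert_id: str
    host: str
    rule: str
    indicators: List[str]
    severity: str  # low | medium | high


@dataclass
class TriageResult:
    alert_id: str
    disposition: str                   # closed_false_positive | contained | escalated
    actions: List[str] = field(default_factory=list)
    escalate_to: Optional[str] = None  # None or "tier2"


def enrich(indicators: List[str]) -> str:
    """Return 'malicious', 'benign' or 'unknown' for a set of indicators."""
    verdicts = [THREAT_INTEL.get(i, ("unknown", 0)) for i in indicators]
    if any(v == "malicious" and c >= 75 for v, c in verdicts):
        return "malicious"
    if verdicts and all(v == "benign" for v, _ in verdicts):
        return "benign"
    return "unknown"


def run_playbook(alert: Alert) -> TriageResult:
    """Suppress known noise, auto-contain confirmed-bad alerts, escalate the rest.

    The automation performs the Tier 1 verification step from the quiz; whatever
    it cannot classify is handed to a Tier 2 incident responder with a ticket.
    """
    result = TriageResult(alert_id=alert.alert_id, disposition="escalated")

    # Step 1: drop alerts from sources already verified as benign.
    if (alert.host, alert.rule) in KNOWN_FALSE_POSITIVES:
        result.disposition = "closed_false_positive"
        result.actions.append(f"close {alert.alert_id}: known benign source")
        return result

    # Step 2: enrich indicators against threat intelligence.
    verdict = enrich(alert.indicators)
    result.actions.append(f"enrich {alert.alert_id}: verdict={verdict}")

    # Step 3: confirmed malicious -> contain immediately, then hand to Tier 2.
    if verdict == "malicious":
        result.disposition = "contained"
        result.actions += [
            f"isolate {alert.host} via EDR",
            f"block {', '.join(alert.indicators)} at the perimeter",
            f"open ticket for Tier 2 review of {alert.alert_id}",
        ]
        result.escalate_to = "tier2"
        return result

    # Step 4: all indicators benign on a low-severity alert -> close, keep audit note.
    if verdict == "benign" and alert.severity == "low":
        result.disposition = "closed_false_positive"
        result.actions.append(f"close {alert.alert_id}: all indicators benign")
        return result

    # Step 5: nothing conclusive -> a human must verify; escalate.
    result.escalate_to = "tier2"
    result.actions.append(f"open ticket for {alert.alert_id}: manual verification")
    return result


# Constructed alert batch, as a monitoring tool might emit it.
SAMPLE_ALERTS = [
    Alert("A-1001", "vuln-scanner-01", "port_scan", [], "low"),
    Alert("A-1002", "ws-0231", "dns_beacon", ["badupdate.example"], "high"),
    Alert("A-1003", "ws-0412", "new_process_hash",
          ["sha256:e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"], "low"),
    Alert("A-1004", "srv-db-02", "outbound_connection", ["198.51.100.9"], "medium"),
]


def triage(alerts: List[Alert]) -> dict:
    """Run the playbook over a batch and return alert_id -> disposition."""
    return {r.alert_id: r.disposition for r in map(run_playbook, alerts)}


if __name__ == "__main__":
    for a in SAMPLE_ALERTS:
        r = run_playbook(a)
        print(r.alert_id, r.disposition, "->", r.escalate_to, "|", "; ".join(r.actions))
```

The point of the playbook is the ordering of the steps: suppression before enrichment saves intel lookups on known noise, containment happens before the ticket is opened so a confirmed compromise is not waiting on a human, and only the cases the automation cannot decide consume an analyst's time. The distractor in the question (no analyst involvement at all) fails exactly on that last branch.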

6.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Which personnel in a SOC are assigned the task of hunting for potential threats and implementing threat detection tools?

Tier 3 SME

Tier 2 Incident Reporter

Tier 1 Analyst

SOC Manager

Answer explanation

In a SOC, Tier 3 SMEs have expert-level skills in network, endpoint, threat intelligence, and malware reverse engineering (RE). They are deeply involved in hunting for potential security threats and implementing threat detection tools.

7.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

A SOC is searching for a professional to fill a job opening. The employee must have expert-level skills in networking, endpoint, threat intelligence, and malware reverse engineering in order to search for cyber threats hidden within the network. Which job within a SOC requires a professional with those skills?

Incident Responder

Alert Analyst

SOC Manager

Threat Hunter

Answer explanation

Tier 3 professionals called Threat Hunters must have expert-level skills in networking, endpoint, threat intelligence, and malware reverse engineering. They are experts at tracing the processes of malware to determine the impact of the malware and how it can be removed.

8.

MULTIPLE SELECT QUESTION

45 sec • 1 pt

Which three are major categories of elements in a security operations center? (Choose three.)

technologies

people

processes

data center

database engine

9.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Which KPI metric does SOAR use to measure the time required to stop the spread of malware in the network?

MTTR

Time to Control

MTTC

MTTD

Answer explanation

The common key performance indicator (KPI) metrics compiled by SOC managers are as follows:

• Dwell Time: the length of time that threat actors have access to a network before they are detected and the access of the threat actors stopped
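
The KPIs this question and its explanation refer to, computed over a constructed incident timeline, as an added example that is not part of the quiz. Dwell Time follows the definition the explanation gives (first attacker access until detection and access stopped, with containment taken here as the point access is stopped); MTTD, MTTC, MTTR and Time to Control follow the usual SOC KPI definitions, which is an assumption of the example, and every timestamp and incident ID is constructed:

```python
"""SOC key performance indicators computed from constructed incident records.

Added example, not part of the quiz. Dwell Time follows the definition the
quiz gives (time from first attacker access until detection and access
stopped). MTTD, MTTC, MTTR and Time to Control follow the usual SOC KPI
definitions and are an assumption here; all timestamps are constructed.
"""
from datetime import datetime
from statistics import mean
from typing import Dict, List

# Constructed incident timeline, UTC. Five moments a SOC records per incident:
#   first_activity  earliest attacker activity found during investigation
#   detected        alert verified as a true incident
#   controlled      spread of the malware stopped (Time to Control)
#   contained       incident stopped from causing further damage (MTTC)
#   remediated      environment restored, incident closed (MTTR)
INCIDENTS = [
    {"id": "INC-2301", "first_activity": "2024-03-01T00:00:00", "detected": "2024-03-01T06:00:00",
     "controlled": "2024-03-01T06:30:00", "contained": "2024-03-01T08:00:00", "remediated": "2024-03-02T06:00:00"},
    {"id": "INC-2302", "first_activity": "2024-03-03T00:00:00", "detected": "2024-03-05T00:00:00",
     "controlled": "2024-03-05T01:30:00", "contained": "2024-03-05T04:00:00", "remediated": "2024-03-07T00:00:00"},
    {"id": "INC-2303", "first_activity": "2024-03-10T12:00:00", "detected": "2024-03-10T12:30:00",
     "controlled": "2024-03-10T12:45:00", "contained": "2024-03-10T13:30:00", "remediated": "2024-03-10T18:30:00"},
]


def hours_between(start: str, end: str) -> float:
    """Elapsed hours between two ISO-8601 timestamps; negative means the order is wrong."""
    delta = datetime.fromisoformat(end) - datetime.fromisoformat(start)
    return delta.total_seconds() / 3600


def validate(inc: Dict[str, str]) -> None:
    """Timestamps must be monotonic; 'contained' before 'detected' is a logging error."""
    order = ["first_activity", "detected", "controlled", "contained", "remediated"]
    for a, b in zip(order, order[1:]):
        if hours_between(inc[a], inc[b]) < 0:
            raise ValueError(f"{inc['id']}: {b} precedes {a}")


def dwell_time_hours(inc: Dict[str, str]) -> float:
    """Quiz definition: attacker access until detected and access stopped (containment here)."""
    return hours_between(inc["first_activity"], inc["contained"])


def kpis(incidents: List[Dict[str, str]]) -> Dict[str, float]:
    """Mean KPIs in hours over a set of incidents."""
    for inc in incidents:
        validate(inc)
    return {
        "MTTD": mean(hours_between(i["first_activity"], i["detected"]) for i in incidents),
        "Time_to_Control": mean(hours_between(i["detected"], i["controlled"]) for i in incidents),
        "MTTC": mean(hours_between(i["detected"], i["contained"]) for i in incidents),
        "MTTR": mean(hours_between(i["detected"], i["remediated"]) for i in incidents),
        "Dwell_Time": mean(dwell_time_hours(i) for i in incidents),
    }


def over_target(incidents: List[Dict[str, str]], max_dwell_hours: float) -> List[str]:
    """IDs of incidents whose dwell time exceeded the SOC's target."""
    return [i["id"] for i in incidents if dwell_time_hours(i) > max_dwell_hours]


if __name__ == "__main__":
    for name, value in kpis(INCIDENTS).items():
        print(f"{name:16s} {value:8.2f} h")
    print("dwell target (24 h) exceeded by:", over_target(INCIDENTS, 24))
```

Running it on the constructed data shows why the metrics are kept separate: INC-2302 has an unremarkable Time to Control (1.5 h after detection) but a 48-hour detection lag, so it alone pushes Dwell Time past a 24-hour target. A SOC that tracked only Time to Control would never see that problem.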