The SOC team has enabled rule set in the intrusion protection system to stop a network breach. If network data is received that matches this rule set, which type of…
A possible breach has been reported and Rajiv, the Tier 1 triage specialist, has performed initial processing, including confirming its validity. Which tool will Rajiv and the other SOC analysts…
Which tool generates data packet captures and is appropriate for both threat hunting and forensic activities? IPS logs Wireshark SIEM Cisco Secure Malware Analytics Explanation & Hint: Wireshark is the…
You work as a cybersecurity specialist and provide procurement recommendations. The organization that you are working for would like a package toolset to include at a minimum both intrusion protection…
As an incident responder and are investigating an incident in which the malware that seems to be targeting a vulnerability has no known signature yet. More specifically, the malware is…
Acme, Inc., has suffered a breach, and the SOC team is preparing forensic data for legal action. Which type of data will be collected for this purpose? session data transaction…
Which two of the following statements about the SIEM are correct? (Choose two.) A SIEM is a Cisco proprietary appliance that ingests, normalizes, correlates, and aggregates telemetry data from all…
You are an incident handler who is investigating a zero-day attack on an endpoint device. You and the triage specialist have identified the specific endpoint that has been breached and…
You are a Tier 3 threat hunter. You and the rest of the SOC team have identified and quarantined a breach. Which two procedures will you, as a threat hunter,…
You work as a Tier 2 incident handler at a large corporation with an extensive network infrastructure. A zero-day attack has occurred, and you must determine how many endpoints have…
A breach has occurred, and the SOC team has determined that it is a zero-day attack. Which SOC team member will use sandbox technology to analyze the malware that is…
You work as a SOC analyst. Which option is an element of the security architecture that might report on beaconing activity between an infected host and a botnet command-and-control server?…
Which two of the following responsibilities describe the day-to-day work of the SOC manager? (Choose two.) communicating necessary information with the CISO or CIO reporting to the HR Manager. providing…
What are two benefits of a holistic SOC team, where responsibilities are shared? (Choose two.) lower organizational CapEx costs more effective transfer of knowledge throughout the corporate security community lower…
You are reviewing career opportunities in cybersecurity and discover the following opportunity on an online job board: “Are you passionate about cyber security? Want to create order from chaos?” Hiring…
You work as a SOC architect/designer and are asked to perform a technical interview for an organization that is interested in using a virtual SOC. Which of the following questions…
You continue reviewing career opportunities in cybersecurity and find another opportunity: “Are you a cybersecurity specialist with a passion for stopping bad actors in their tracks?” Hiring Company Description: National retail…
You work as a SOC architect/designer and are asked to perform a technical interview for an organization interested in creating a dedicated SOC. Which of the following questions is irrelevant?…
Which SOC type proactively focuses on addressing security across the entire attack continuum: before, during, and after an attack? compliance-based threat-centric operation-based hybrid Explanation & Hint: A threat-centric SOC proactively…
You review this final cybersecurity posting on the online job board: Hiring Company Description: Bay State Power & Electric is the state’s largest power utility. Our day-to-day cybersecurity focus is maintaining…