You work as a SOC architect/designer and are asked to perform a technical interview for an organization that is interested in using a virtual SOC. Which of the following questions…
You continue reviewing career opportunities in cybersecurity and find another opportunity: “Are you a cybersecurity specialist with a passion for stopping bad actors in their tracks?” Hiring Company Description: National retail…
You work as a SOC architect/designer and are asked to perform a technical interview for an organization interested in creating a dedicated SOC. Which of the following questions is irrelevant?…
Which SOC type proactively focuses on addressing security across the entire attack continuum: before, during, and after an attack? compliance-based threat-centric operation-based hybrid Explanation & Hint: A threat-centric SOC proactively…
You review this final cybersecurity posting on the online job board: Hiring Company Description: Bay State Power & Electric is the state’s largest power utility. Our day-to-day cybersecurity focus is maintaining…
You work as a SOC architect/designer and are obtaining the technical requirements from the customer, a multinational organization with a limited budget that must adhere to multiple security standards. They…
You work in the SOC team and are currently investigating a zero-day attack. The SOC analysts have identified a workstation that is infected with malware that must be quarantined from…
The SOC team has just contained a cyber threat. Which two of the following post-incident activities should they perform? (Choose two.) triage forensics eradication quarantining creating post-incident reports, such as…
An incident response has occurred, and the SOC team is preparing to publish a message discussing the incident to all the employees. Which internal department will the SOC team coordinate…
The incident response phases can be grouped into detect, respond, and recover. Which of the following is not considered a step in any of these three phases? preparation lessons learned retaliation eradication…
What is the reason why the SOC must work with other departments in their activities? Corporate governance dictates that the SOC cannot be solely responsible for the cybersecurity effort. From…
What is the most common way for SOC team members to discover an incident? corporate website phone call from a user SOC ticketing system SIEM alert Explanation & Hint: The…
During an incidence response, it is quite possible that not all SOC members will be engaged simultaneously in the activity. What could be the reason for this variation? The SOC…
Which two of the following are widely known cybercriminal groups? (Choose two.) organized crime religious organizations private hackers disguised as nonprofit organizations state-affiliated university students white hat hackers Explanation &…
You are reviewing career opportunities in cybersecurity and have discovered the following opportunity on an online job board: Are you a cybersecurity specialist with a passion for stopping threat actors…
You have just been hired as a Triage Specialist at an MSSP, and you are undergoing orientation with the CISO. She impresses upon you that all the work you perform…
During your new-hire orientation, the CISO emphasizes that the primary goal of an MSSP SOC provider is to focus on security operations to ensure business continuity. Which is an example…
What three items could be a cause of SOC analyst burnout? (Choose three.) Increased workload resulting from complex data flows originating from hybrid cloud infrastructures Additional security devices that are…
You are reviewing career opportunities in cybersecurity and have found the following opportunity on an online job board: Are you passionate about cybersecurity? Want to create order from chaos? Job…
You are a Tier 1 SOC Analyst–Triage Specialist performing incidence response functions with your Tier 2 and Tier 3 colleagues. It has just been determined that the zero-day ransomware attack…