Blog

You work as a SOC architect/designer and are obtaining the technical requirements from the customer, a multinational organization with a limited budget that must adhere to multiple security standards. They…

You work in the SOC team and are currently investigating a zero-day attack. The SOC analysts have identified a workstation that is infected with malware that must be quarantined from…

The SOC team has just contained a cyber threat. Which two of the following post-incident activities should they perform? (Choose two.) triage forensics eradication quarantining creating post-incident reports, such as…

An incident response has occurred, and the SOC team is preparing to publish a message discussing the incident to all the employees. Which internal department will the SOC team coordinate…

The incident response phases can be grouped into detect, respond, and recover. Which of the following is not considered a step in any of these three phases? preparation lessons learned retaliation eradication…

What is the reason why the SOC must work with other departments in their activities? Corporate governance dictates that the SOC cannot be solely responsible for the cybersecurity effort. From…

What is the most common way for SOC team members to discover an incident? corporate website phone call from a user SOC ticketing system SIEM alert Explanation & Hint: The…

During an incidence response, it is quite possible that not all SOC members will be engaged simultaneously in the activity. What could be the reason for this variation? The SOC…

Which two of the following are widely known cybercriminal groups? (Choose two.) organized crime religious organizations private hackers disguised as nonprofit organizations state-affiliated university students white hat hackers Explanation &…

You are reviewing career opportunities in cybersecurity and have discovered the following opportunity on an online job board: Are you a cybersecurity specialist with a passion for stopping threat actors…

You have just been hired as a Triage Specialist at an MSSP, and you are undergoing orientation with the CISO. She impresses upon you that all the work you perform…

During your new-hire orientation, the CISO emphasizes that the primary goal of an MSSP SOC provider is to focus on security operations to ensure business continuity. Which is an example…

What three items could be a cause of SOC analyst burnout? (Choose three.) Increased workload resulting from complex data flows originating from hybrid cloud infrastructures Additional security devices that are…

You are reviewing career opportunities in cybersecurity and have found the following opportunity on an online job board: Are you passionate about cybersecurity? Want to create order from chaos? Job…

You are a Tier 1 SOC Analyst–Triage Specialist performing incidence response functions with your Tier 2 and Tier 3 colleagues. It has just been determined that the zero-day ransomware attack…

A network administrator is adding a new LAN to a branch office. The new LAN must support 10 connected devices. What is the smallest network mask that the network administrator…

A client packet is received by a server. The packet has a destination port number of 22. What service is the client requesting? SSH DNS DHCP TFTP Explanation & Hint:…

What service is provided by SMTP? Allows remote access to network devices and servers. Uses encryption to provide secure remote access to network devices and servers. Allows clients to send…

Match the firewall function to the type of threat protection it provides to the network. (Not all options are used.) Answers Explanation & Hints: Application filters prevent access based on…

Two pings were issued from a host on a local network. The first ping was issued to the IP address of the default gateway of the host and it failed.…