Last Updated on November 16, 2023 by InfraExam
You are a Tier 1 SOC Analyst–Triage Specialist performing incident response functions with your Tier 2 and Tier 3 colleagues. It has just been determined that the zero-day ransomware attack placed the malware on your network three weeks ago. What is the term for this three-week period?
- forensic gathering time
- vulnerability testing time
- incident prevention time
- dwell time
Explanation & Hint:
The three-week period during which the malware was on your network before being detected is called “dwell time.” Dwell time refers to the duration that an attacker or malware remains undetected within a network or system, which allows malicious activity to continue unnoticed. Reducing dwell time is a critical objective in cybersecurity to minimize the potential damage caused by cyberattacks.