You work as a Tier 2 incident handler at a large corporation with an extensive network infrastructure. A zero-day attack has occurred, and you must determine how many endpoints have been affected. Who will you contact to assist you in this effort?

 

Last Updated on November 16, 2023 by InfraExam


  • the triage specialist, who is already familiar with the incident
  • the SOC manager, who is always the first point of case escalation
  • the Tier 3 incident responder and threat hunter, who is responsible for assisting in this activity and determining how many endpoints have been affected
  • the CISO, who should be the initial point of contact for every activity elevation in the SOC

Explanation & Hint:

To determine how many endpoints have been affected in a zero-day attack, as a Tier 2 incident handler, you should contact the Tier 3 incident responder and threat hunter. Tier 3 incident responders typically have more advanced skills and tools to conduct in-depth investigations and can assist in this type of activity. They often work closely with Tier 2 analysts in handling complex incidents and providing expertise in threat hunting and response activities.

For more Questions and Answers:

Security Operations Center Post-Assessment | CBROPS
