Where will you find the IP reputation database if you want to monitor traffic from IPs with a known bad reputation using OSSIM SIEM?
Correct Answer: A
Which of the following steps of the incident handling and response process focuses on limiting the scope and extent of an incident?
Correct Answer: A
Charline is working as an L2 SOC Analyst. One day, an L1 SOC Analyst escalated an incident to her for further investigation and confirmation. Charline, after a thorough investigation, confirmed the incident and assigned it an initial priority.
What would be her next action according to the SOC workflow?
Correct Answer: B
Emmanuel is working as a SOC analyst in a company named Tobey Tech. The manager of Tobey Tech recently recruited an Incident Response Team (IRT) for his company. In the process of collaboration with the IRT, Emmanuel just escalated an incident to the IRT.
What is the first step the IRT will take with the incident escalated by Emmanuel?
Correct Answer: C
Properly applied cyber threat intelligence helps the SOC team discover TTPs. What do these TTPs refer to?
Correct Answer: A