Chapter 1 - Defining Security Operations

Question 1

The type of SOC which proactively hunts for malicious threats on the network.

Answer 1

Threat-Centric SOC

Question 2

The type of SOC that is focused on comparing the network system to reference templates and standard system builds.

Answer 2

Compliance-Based SOC

Question 3

The type of SOC that is focused on monitoring the current status of the organizations security posture.

Answer 3

Operational-Based SOC

Question 4

Name the three types of SOC’s

Answer 4

Operational-Based, Compliance-Based, and Threat-Centric

Question 5

Name the science of examining and deciphering raw data or data sets with the purpose of drawing conclusions.

Answer 5

Data Analytics

Question 6

What type of log mining is reconstructing or following the network traffic flow?

Answer 6

Sequencing

Question 7

What type of log mining is an interpretation of a chain of consecutive events that occur during a set period of time?

Answer 7

Path Analysis

Question 8

What type of log mining is used to go through large amounts of log data to build profiles and to identify anomalous behaviour?

Answer 8

Log Clustering

Question 9

What is a branch of digital forensics that relates to the monitoring and analysis of network traffic, with the purpose of evidence gathering or intrusion detection?

Answer 9

Network Forensics

Question 10

Who’s role is it to prioritize work and organize resources with the goal of detecting, investigating, and mitigating incidents that could impact the business?

Answer 10

SOC Manager