Cybrary learning Flashcards

SOC work

1
Q

What is EDR

A

EDR is Endpoint Detection and Response.
It is an evolution of antivirus technology that combines signature-based detection with behavioural detection, continuously collects telemetry from the endpoint (process, file, registry and network events), and adds response capabilities such as isolating a host or killing a process.

2
Q

IDS & IPS

A

Tools designed to detect and prevent unauthorized access or malicious activity by inspecting network traffic in real time. They use signatures, heuristics, or anomaly detection to identify threats. An IDS typically inspects a copy of the traffic (out of band) and only alerts; an IPS sits inline on the traffic path and can also act on what it detects, ranging from resetting a suspicious TCP connection to blocking the source IP address.

3
Q

What are ‘signature-based alerts’?

A

Signature-based alerts are generated when observed activity matches a known pattern, or “signature”, of malicious behaviour. Signatures are based on specific attributes of known malware, attacks, or other malicious activity, such as a byte sequence, a string in a request, or a file hash. Because they describe what is already known, they produce few false positives but miss novel or modified variants, so they are paired with behavioural detection.

4
Q

What are the data types for signatures?

A

Text: Signatures written in plain text, such as a string or regular expression matched against a URL, a header, a log line, or file contents.

Binary: Signatures that consist of specific sequences of raw bytes, usually written in hexadecimal notation, often anchored at an offset or within a depth into the payload.
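The following is an added example, not part of the Cybrary card: a minimal signature matcher in Python that carries both signature data types from this card (text signatures as regular expressions, binary signatures as hex byte sequences with an optional offset) and runs them over a handful of constructed sample payloads to raise the signature-based alerts described in the previous card. The signature IDs, names and sample events are constructed for illustration and do not come from any real ruleset.

```python
import re

# Text signatures: (sid, name, compiled regex). The sid is a hypothetical
# signature ID, in the style of an IDS rule ID.
TEXT_SIGNATURES = [
    ("1000001", "Directory traversal attempt",
     re.compile(r"(\.\./){2,}")),
    ("1000002", "Nikto web scanner user-agent",
     re.compile(r"User-Agent:[^\r\n]*Nikto", re.IGNORECASE)),
]

# Binary signatures: (sid, name, raw bytes written in hex, offset).
# offset=None means "anywhere in the payload"; an integer pins the match
# to that position, like an offset/depth constraint in an IDS rule.
BINARY_SIGNATURES = [
    ("2000001", "x86 NOP sled (16+ bytes of 0x90)",
     bytes.fromhex("90" * 16), None),
    ("2000002", "DOS/PE executable header (MZ)",
     bytes.fromhex("4D5A"), 0),
]


def scan(payload: bytes) -> list[tuple[str, str]]:
    """Return (sid, name) for every signature that matches the payload."""
    alerts = []

    # Text signatures run over a lossless latin-1 decoding so arbitrary
    # bytes never raise a decode error.
    text = payload.decode("latin-1")
    for sid, name, regex in TEXT_SIGNATURES:
        if regex.search(text):
            alerts.append((sid, name))

    # Binary signatures are compared byte-for-byte.
    for sid, name, pattern, offset in BINARY_SIGNATURES:
        if offset is None:
            hit = pattern in payload
        else:
            hit = payload[offset:offset + len(pattern)] == pattern
        if hit:
            alerts.append((sid, name))

    return alerts


def scan_events(events: list[tuple[str, bytes]]) -> list[tuple[str, str, str]]:
    """Scan (source, payload) events and return (source, sid, name) alerts."""
    return [(src, sid, name) for src, payload in events for sid, name in scan(payload)]


# Constructed sample events: the source addresses and payloads are invented.
SAMPLE_EVENTS = [
    ("10.0.0.5", b"GET /images/../../../../etc/passwd HTTP/1.1\r\n"
                 b"Host: www.example.com\r\n\r\n"),
    ("10.0.0.6", b"GET / HTTP/1.1\r\nHost: www.example.com\r\n"
                 b"User-Agent: Mozilla/5.00 (Nikto/2.1.6)\r\n\r\n"),
    ("10.0.0.7", b"MZ\x90\x00\x03\x00\x00\x00\x04\x00\x00\x00\xff\xff" + b"\x00" * 16),
    ("10.0.0.8", b"\x41" * 8 + b"\x90" * 32 + b"\xcc"),
    # Benign request: should raise nothing.
    ("10.0.0.9", b"GET /index.html HTTP/1.1\r\nHost: www.example.com\r\n\r\n"),
    # URL-encoded traversal: same intent, but the literal text signature
    # no longer matches. This is the known-pattern limitation in action.
    ("10.0.0.10", b"GET /images/..%2F..%2F..%2Fetc/passwd HTTP/1.1\r\n"
                  b"Host: www.example.com\r\n\r\n"),
]


if __name__ == "__main__":
    for src, sid, name in scan_events(SAMPLE_EVENTS):
        print(f"ALERT sid={sid} src={src} {name}")
```

The last sample event is the practical caveat: the same attack with percent-encoded slashes slips past the plain-text signature, which is why real IDS engines normalise HTTP before matching and why signatures are complemented with behavioural detection.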

5
Q

What are the five core functions of the NIST Cybersecurity Framework?

A

Identify, Protect, Detect, Respond and Recover.
Note that NIST CSF 2.0 (released February 2024) added a sixth function, Govern, ahead of these five.
