Manage Security Risks

Question 1

What is Chronicle in the context of cybersecurity?

Answer 1

A cloud-native tool designed to retain, analyze, and search data.

Question 2

What is incident response?

Answer 2

An organization’s quick attempt to identify an attack, contain the damage, and correct the effects of a security breach.

Question 3

What is a log in cybersecurity?

Answer 3

A record of events that occur within an organization’s systems.

Question 4

What are metrics in the context of software applications?

Answer 4

Key technical attributes such as response time, availability, and failure rate, which are used to assess the performance of a software application.

Question 5

What is an operating system (OS)?

Answer 5

The interface between computer hardware and the user.

Question 6

What is a playbook in cybersecurity?

Answer 6

A manual that provides details about any operational action.

Question 7

What is security information and event management (SIEM)?

Answer 7

An application that collects and analyzes log data to monitor critical activities in an organization.

Question 8

What is security orchestration, automation, and response (SOAR)?

Answer 8

A collection of applications, tools, and workflows that use automation to respond to security events.

Question 9

What are SIEM tools?

Answer 9

Software platforms that collect, analyze, and correlate security data from various sources across your IT infrastructure to help identify and respond to security threats in real-time, investigate security incidents, and comply with security regulations.

Question 10

What is Splunk Cloud?

Answer 10

A cloud-hosted tool used to collect, search, and monitor log data.

Question 11

What is Splunk Enterprise?

Answer 11

A self-hosted tool used to retain, analyze, and search an organization’s log data to provide security information and alerts in real-time.

Question 12

What type of SIEM tool is designed to take full advantage of cloud computing capabilities?

Answer 12

Cloud-native.

Question 13

Which log source records events related to websites, emails, file shares, and password and username requests?

Answer 13

Server

Question 14

What are the different types of SIEM tools? Select three answers.

Answer 14

Self-hosted, Cloud-hosted, Hybrid

Question 15

What does the term “metrics” refer to in software applications?

Answer 15

Technical attributes such as response time, availability, and failure rate.

Question 16

What type of SIEM tool allows for a combination of on-site infrastructure and internet-based solutions?

Answer 16

Hybrid

Question 17

Fill in the blank: SIEM tools must be configured and _____ to meet each organization’s unique security needs.

Answer 17

customized

Question 18

What is the role of the security posture dashboard in Splunk?

Answer 18

It displays the last 24 hours of notable security-related events and trends to help security professionals monitor and investigate potential threats in real time.

Question 19

What is the purpose of the executive summary dashboard in Splunk?

Answer 19

It analyzes and monitors the overall health of the organization over time, providing high-level insights to stakeholders.

Question 20

What does the incident review dashboard in Splunk help analysts do?

Answer 20

Identify suspicious patterns and highlight higher risk items that need immediate review.

Question 21

What is the risk analysis dashboard used for in Splunk?

Answer 21

It helps analysts identify risk for each risk object and prioritize their risk mitigation efforts.

Question 22

What is the enterprise insights dashboard in Chronicle used for?

Answer 22

It highlights recent alerts, identifies suspicious domain names in logs, and provides a severity level for each threat.

Question 23

What does the data ingestion and health dashboard in Chronicle show?

Answer 23

The number of event logs, log sources, and success rates of data being processed.

Question 24

What does the IOC matches dashboard in Chronicle indicate?

Answer 24

The top threats, risks, and vulnerabilities to the organization

Question 25

What is the main dashboard in Chronicle used for?

Answer 25

It provides a high-level summary of information related to data ingestion, alerting, and event activity over time.