Module 2: Security Incident Creation and Threat Intelligence

Question 1

What happens if an ITIL user clicks the Create Security Incident button on a regular incident? Select all that apply.
a. Security Incident is generated
b. A Security Incidents related list appears on the incident
c. ITIL user is taken to the Security Incident form to complete additional information
d. Incident work notes are updated to show a Security Incident has been created
e. Incident is closed
f. The Create Security Incident button disappears

Answer 1

Answers: a, b

a. Security Incident is generated
b. A Security Incidents related list appears on the incident

Question 2

In the baseline, anyone with the ITIL role can generate a security incident from a regular incident.
a. True
b. False

Answer 2

a. True

Question 3

Which of the following activities can be done via the Setup Assistant? Select all that apply.
a. Define an Alert Rule
b. Set up SLAs
c. Set up Post-Incident Review Process
d. Configure Integrations
e. Set up Notifications
f. Set up Runbooks

Answer 3

Answers: b, c, d, f

b. Set up SLAs
c. Set up Post-Incident Review Process
d. Configure Integrations
f. Set up Runbooks

Question 4

Utilization of the MITRE-ATT&CK Framework requires a subscription to MITRE.
a. True
b. False

Answer 4

b. False

Question 5

Requests raised via the Security Incident Catalog always generate a Security Incident.
a. True
b. False

Answer 5

b. False