Module 2: Security Incident Creation and Threat Intelligence Flashcards

1
Q

What happens if an ITIL user clicks the Create Security Incident button on a regular incident? Select all that apply.
a. Security Incident is generated
b. A Security Incidents related list appears on the incident
c. ITIL user is taken to the Security Incident form to complete additional information
d. Incident work notes are updated to show a Security Incident has been created
e. Incident is closed
f. The Create Security Incident button disappears

A

Answers: a, b

a. Security Incident is generated
b. A Security Incidents related list appears on the incident

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

In the baseline, anyone with the ITIL role can generate a security incident from a regular incident.
a. True
b. False

A

a. True

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Which of the following activities can be done via the Setup Assistant? Select all that apply.
a. Define an Alert Rule
b. Set up SLAs
c. Set up Post-Incident Review Process
d. Configure Integrations
e. Set up Notifications
f. Set up Runbooks

A

Answers: b, c, d, f

b. Set up SLAs
c. Set up Post-Incident Review Process
d. Configure Integrations
f. Set up Runbooks

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Utilization of the MITRE-ATT&CK Framework requires a subscription to MITRE.
a. True
b. False

A

b. False

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Requests raised via the Security Incident Catalog always generate a Security Incident.
a. True
b. False

A

b. False

How well did you know this?
1
Not at all
2
3
4
5
Perfectly