Module 2: Security Incident Creation and Threat Intelligence Flashcards
What happens if an ITIL user clicks the Create Security Incident button on a regular incident? Select all that apply.
a. Security Incident is generated
b. A Security Incidents related list appears on the incident
c. ITIL user is taken to the Security Incident form to complete additional information
d. Incident work notes are updated to show a Security Incident has been created
e. Incident is closed
f. The Create Security Incident button disappears
Answers: a, b
a. Security Incident is generated
b. A Security Incidents related list appears on the incident
In the baseline, anyone with the ITIL role can generate a security incident from a regular incident.
a. True
b. False
a. True
Which of the following activities can be done via the Setup Assistant? Select all that apply.
a. Define an Alert Rule
b. Set up SLAs
c. Set up Post-Incident Review Process
d. Configure Integrations
e. Set up Notifications
f. Set up Runbooks
Answers: b, c, d, f
b. Set up SLAs
c. Set up Post-Incident Review Process
d. Configure Integrations
f. Set up Runbooks
Utilization of the MITRE-ATT&CK Framework requires a subscription to MITRE.
a. True
b. False
b. False
Requests raised via the Security Incident Catalog always generate a Security Incident.
a. True
b. False
b. False