SECOPS 1: Defining the SOC Flashcards

1
Q

Three SOC types

A

Threat-centric SOCs
Compliance-based SOCs
Operational-based SOCs

2
Q

threat-centric SOC

A

proactively hunts for malicious threats on networks

3
Q

Before an attack…

A

Comprehensive contextual awareness

in-depth analysis of network traffic.

4
Q

During an attack

A

Ability to continuously detect the presence of threats

5
Q

After an attack

A

ID Point of Entry
Determine scope
Contain threat
Remediate host
Minimize risk of reinfection

6
Q

Key to a successful compliance-based SOC

A

Linking an org’s risk management and IR practices to an automated system compliance process

7
Q

Compliance-based SOC is focused on…

A

comparing the compliance posture of network systems to reference config templates and standard system builds

8
Q

Operational-based SOC

A

internally focused organization that is tasked with monitoring the security posture

9
Q

CSIRT

A

Operational-based SOC

10
Q

Operational-based SOC is focused on

A

maintaining the operational integrity

11
Q

SOC tools do these things:

A

Network mapping
Network monitoring
Vulnerability detection
Penetration testing
Data collection
Threat and anomaly detection
Data aggregation and correlation

12
Q

NSM

A

network security monitoring

13
Q

SOC automation tasks

A

Ticket generation
False positive alert handling
Report generation

14
Q

Data analytics

A

Science of examining raw data or data sets with the purpose of drawing conclusions.

15
Q

Data Set

A

Collection of related, discrete items of data in a structure

16
Q

Database contains or can be a…

A

Data Set

17
Q

Dynamic analysis is

A

evaluation of a program by executing the data in real-time to find errors.

18
Q

Sequencing

A

Reconstructing network traffic flow

19
Q

Path analysis

A

Interpretation of a chain of consecutive events during a short period of time.

20
Q

Path analysis purpose

A

Understand attacker's behavior in order to gain actionable insights

21
Q

Log clustering

A

Mine large amounts of log data to identify anomalous behavior.

22
Q

Incidents are

A

Alerts or events that could pose a serious threat to the organization

23
Q

Alarm prioritization

A

Relieves analysts from sorting through low-level and irrelevant alerts

24
Q

NIST 800-181

A

Cyber-workforce framework