Which of the following is a report writing tool that will help incident handlers to generate efficient reports on detected incidents during incident response process?

• A.MagicTree
• B.Malstrom
• C.IntelMQ
• D.threat_note

Comment: *

Name: *

Email: *

Verification: *

Which of the following is a Threat Intelligence Platform?

• A.SolarWinds MS
• B.Keepnote
• C.TC Complete
• D.Apility.io

Comment: *

Name: *

Email: *

Verification: *

Which of the following formula is used to calculate the EPS of the organization?

• A.EPS = number of correlated events / time in seconds
• B.EPS = average number of correlated events / time in seconds
• C.EPS = number of security events / time in seconds
• D.EPS = number of normalized events / time in seconds

Comment: *

Name: *

Email: *

Verification: *

What does [-n] in the following checkpoint firewall log syntax represents?
fw log [-f [-t]] [-n] [-l] [-o] [-c action] [-h host] [-s starttime] [-e endtime] [-b starttime endtime] [-u unification_scheme_file] [-m unification_mode(initial|semi|raw)] [-a] [-k (alert name|all)] [-g] [logfile]

• A.Display detailed log chains (all the log segments a log record consists of)
• B.Display both the date and the time for each log record
• C.Speed up the process by not performing IP addresses DNS resolution in the Log files
• D.Display account log records only

Comment: *

Name: *

Email: *

Verification: *

Harley is working as a SOC analyst with Powell Tech. Powell Inc. is using Internet Information Service (IIS) version 7.0 to host their website.
Where will Harley find the web server logs, if he wants to investigate them for any anomalies?

• A.SystemDrive%\inetpub\logs\LogFiles\W3SVCN
• B.%SystemDrive%\LogFiles\logs\W3SVCN
• C.SystemDrive%\LogFiles\inetpub\logs\W3SVCN
• D.SystemDrive%\ inetpub\LogFiles\logs\W3SVCN

Comment: *

Name: *

Email: *

Verification: *