David is a SOC analyst in Karen Tech. One day an attack is initiated by the intruders but David was not able to find any suspicious events.
This type of incident is categorized into?

• A.True Positive Incidents
• B.False Negative Incidents
• C.True Negative Incidents
• D.False positive Incidents

Comment: *

Name: *

Email: *

Verification: *

In which phase of Lockheed Martin's - Cyber Kill Chain Methodology, adversary creates a deliverable malicious payload using an exploit and a backdoor?

• A.Reconnaissance
• B.Delivery
• C.Weaponization
• D.Exploitation

Correct Answer: C

Comment: *

Name: *

Email: *

Verification: *

Robin, a SOC engineer in a multinational company, is planning to implement a SIEM. He realized that his organization is capable of performing only Correlation, Analytics, Reporting, Retention, Alerting, and Visualization required for the SIEM implementation and has to take collection and aggregation services from a Managed Security Services Provider (MSSP).
What kind of SIEM is Robin planning to implement?

• A.Self-hosted, Self-Managed
• B.Hybrid Model, Jointly Managed
• C.Self-hosted, MSSP Managed
• D.Cloud, Self-Managed

Comment: *

Name: *

Email: *

Verification: *

Which of the following formula is used to calculate the EPS of the organization?

• A.EPS = number of correlated events / time in seconds
• B.EPS = average number of correlated events / time in seconds
• C.EPS = number of security events / time in seconds
• D.EPS = number of normalized events / time in seconds

Comment: *

Name: *

Email: *

Verification: *

Bonney's system has been compromised by a gruesome malware.
What is the primary step that is advisable to Bonney in order to contain the malware incident from spreading?

• A.Complaint to police in a formal way regarding the incident
• B.Call the legal department in the organization and inform about the incident
• C.Turn off the infected machine
• D.Leave it to the network administrators to handle

Comment: *

Name: *

Email: *

Verification: *