Beacon - Fundamentals of SOC (Security Operations Center) Assessment Graded A+!!!

Which is not a top-three wish for Security Operations Engineers? A. Reduce the number of alerts flowing into the SOC B. Access tools to quickly investigate threats C. Lessen the time required to take to contain a breach D. Use previous incidents to prevent future attacks - D Which element is a tool to assist organizations in aggregating, correlating, and analyzing threat data from multiple sources? - Threat Intelligence Platform Which element of the People pillar focuses on retaining staff members? - Career Path Progression Which business objective includes details about how the Security Operations organization will achieve its goals? - Planning Which pillar enables you to anticipate, prepare, and react to changes in security operations? - Visibility Which metric has skewed results that may cause analysts to "cherry-pick" incidents? - Number of incidents handled Which business objective dictates how to measure "performance" against the defined and socialized mission statement? - Governance Which element of the Processes pillar is rooted in revisiting prior incidents? - Capability Improvement Which element refers to technologies that enable organizations to collect inputs monitored by the Security Operations team? - SOAR How is SOAR different from SIEM? - It ingests alerts and drives them to response SOAR - Security Orchestration, Automation, and Response SIEM - Security Information and Event Management Which element of the Processes pillar is part of the Identification function? - Initial Research How often should tabletop exercises be performed? - Once a quarter Which pillar defines the step-by-step instructions and functions that will be carried out? - Processes Which team would have work tickets to reimage machines, request system patching, or reject assets joining the network? - Help Desk Which pillar defines the purpose of the Security Operations team to the business and how it will be managed? - Business Which technology or technique can be implemented to detect, deflect, and counteract malicious activities? - Honey Pot In which of the four main core functions of security operations should a detailed analysis take place? - Investigation Which element is a collaborative toolset used to document, track, and notify the entire organization of security incidents? - Case Management Which pillar requires maintaining an SME specialist? - Technology Which business objective is considered the roadmap that guides the organization? - Mission Which team is responsible for developing, implementing, and maintaining the network security policies? - Network Security Which element is used to gather information required to determine the severity of an incident and builds the foundation for an investigation? - Initial Research Which element is considered a safe place to simulate an end user's environment to test unknown applications? - Malware Sandbox Which feature can mitigate or block malicious behavior and is considered a proactive control? - Intrusion Prevention System (IPS) Which element protects HTTP applications from well-known HTTP exploits? - Web Application Firewall Which element provides control for detecting and protecting servers, PCs, laptops, phones, and tablets from attacks such as exploits and malware? - Endpoint Security Which element is a security technology that detects malicious activity by identifying anomalous behavior indicative of attacks? - Behavioral Analysis Which element provides investigative support if legal action is required? - Forensics and Telemetry Which element can reduce the number of unauthorized, unpatched, or compromised devices from connecting to the network? - Network Access Control Which team is responsible for managing, monitoring, and responding to alerts that may impact the availability and performance of the IT infrastructure? - IT Operations