NSE 2 SOAR
NSE 2 Lesson 8 – NSE 2 SOAR
Question 1
Which is a benefit of SOAR?
Select one:
It deflects DDoS attacks and identifies the Command and Control source
It reports on which endpoints require patching and have security vulnerabilities
It increases security team efficacy by automating repetitive processes
It analyzes and generates a security score to measure improvements in network security
Question 2
What are playbooks used for?
Select one:
To automate the actions that an analyst would typically do manually
To describe the order in which analysts complete tasks
To provide a set of scenarios of predicted cyberattack methods
To plan a set of manual tasks to be completed by analysts
Question 3
What is a common use case for an implementation of SOAR by customers?
Select one:
Detecting zero-day attacks
Phishing investigations
Logging events and alerts
Guarding against DoS attacks
Question 4
What is alert fatigue?
Select one:
The SOAR system is overloaded by the amount of network traffic
Measures the time lag to resolve alerts
Analysts are overwhelmed by the number of alerts
Analysts reduce the number of alerts using SOAR
Question 5
What are three reasons SOAR is used? (Choose three.)
Select one or more:
Analyze workload
Collaborate with other analysts
Reduce alert fatigue
Accelerate response times
Compensate for the skill shortage
Lesson 10: SOAR Quiz Answers
Question: What is a common use case for an implementation of SOAR by customers?
Guarding against DoS attacks
Detecting zero-day attacks
Phishing investigations
Logging events and alerts
Question: Which statement best describes SOAR?
SOAR collects logs from all security tools to improve network visibility
SOAR orients the security team by defining and categorizing cyberattacks
SOAR plays out potential cyberattacks to improve network security preparedness
SOAR connects all security tools together into defined workflows that can be run automatically
Question: Which is a benefit of SOAR?
It deflects DDoS attacks and identifies the Command and Control source
It reports on which endpoints require patching and have security vulnerabilities
It increases security team efficacy by automating repetitive processes
It analyzes and generates a security score to measure improvements in network security
Question: What are playbooks used for?
To plan a set of manual tasks to be completed by analysts
To automate the actions that an analyst would typically do manually
To describe the order in which analysts complete tasks
To provide a set of scenarios of predicted cyberattack methods
Question: What is alert fatigue?
The SOAR system is overloaded by the amount of network traffic
Analysts are overwhelmed by the number of alerts
Measures the time lag to resolve alerts
Analysts reduce the number of alerts using SOAR
Question: What are three reasons SOAR is used? (Choose three.)
Compensate for the skill shortage
Collaborate with other analysts
Analyze workload
Accelerate response times
Reduce alert fatigue