- (Exam Topic 3)
A commercial cyber-threat intelligence organization observes IoCs across a variety of unrelated customers. Prior to releasing specific threat intelligence to other paid subscribers, the organization is MOST likely
obligated by contracts to:
Correct Answer:
B
- (Exam Topic 6)
Which of the following identifies the point in time when an organization will recover data in the event of an outage?
Correct Answer:
B
- (Exam Topic 5)
A systems administrator is considering different backup solutions for the IT infrastructure. The company is looking for a solution that offers the fastest recovery time while also saving the most amount of storage used to maintain the backups. Which of the following recovery solutions would be the BEST option to meet these requirements?
Correct Answer:
B
- (Exam Topic 1)
The SOC for a large MSSP is meeting to discuss the lessons learned from a recent incident that took much too long to resolve This type of incident has become more common in recent weeks and is consuming large amounts of the analysts' time due to manual tasks being performed Which of the following solutions should the SOC consider to BEST improve its response time?
Correct Answer:
C
SOAR (Security Orchestration, Automation, and Response) Can use either playbook or runbook. It assists in collecting threat related data from a range of sources and automate responses to low level threats. (frees up some of the CSIRT time)
- (Exam Topic 3)
On which of the following is the live acquisition of data for forensic analysis MOST dependent? (Choose two.)
Correct Answer:
EF
