Questions (74)
1. drag-drop
Security policy implementation - categorizing network traffic by plane
2. drag-drop
SIEM alert triage and classification
3. log-analysis
Malware indicators of compromise from IDS logs
4. log-analysis
False positive vs true positive classification
5. matching
Security monitoring dashboard analysis
6. log-analysis
Intrusion detection signatures analysis
7. drag-drop
Security monitoring dashboard analysis for host anomalies
8. multiple-choice
Vulnerability CVE severity and patching priority
9. troubleshooting
SIEM alert triage SSH brute force false negative
10. ordered-steps
Phishing email header analysis using CLI
11. log-analysis
Identifying vulnerability CVE from syslog data
12. log-analysis
Incident response phases from IDS logs
13. multiple-choice
Lateral movement indicators via WMI and RDP
14. troubleshooting
Security policy implementation - NAC bypass and rogue device detection
15. multiple-choice
OSI layer anomaly detection via dashboard
16. troubleshooting
SOC tier escalation workflow troubleshooting
17. matching
Endpoint forensic artifacts – Windows event logs & registry
18. troubleshooting
DNS exfiltration detection via NetFlow and logs
19. multiple-choice
Vulnerability CVE severity and patching priority
20. drag-drop
CVE severity scoring and patch prioritization
21. log-analysis
False positive vs true positive classification
22. matching
NetFlow record field interpretation
23. matching
Phishing email header field analysis
24. log-analysis
SIEM alert triage and classification
25. log-analysis
Phishing email header analysis with syslog correlation
26. ordered-steps
NetFlow data collection and analysis
27. log-analysis
Malware indicators of compromise from syslog
28. troubleshooting
Firewall policy misconfiguration allowing unauthorized access
29. log-analysis
Syslog analysis for privilege escalation detection
30. matching
Security policy implementation matching commands to effects
31. matching
SOC tier escalation workflow responsibilities
32. log-analysis
SIEM event correlation and alert analysis
33. log-analysis
MITRE ATT&CK framework mapping to host logs
34. drag-drop
NetFlow application protocol classification
35. multiple-choice
Incident response phases and containment
36. matching
Security policy implementation - tool-to-effect matching
37. matching
Incident response phases to actions
38. log-analysis
False positive vs true positive classification from syslog
39. log-analysis
MITRE ATT&CK framework mapping to log events
40. matching
Endpoint forensic artifacts matching
41. multiple-choice
SIEM alert triage and classification
42. drag-drop
DNS exfiltration detection via host logs
43. matching
Phishing email header analysis
44. ordered-steps
Windows event log analysis for account compromise
45. log-analysis
SIEM alert triage RDP brute-force classification
46. log-analysis
Windows event log analysis for service persistence
47. ordered-steps
DNS exfiltration detection via host logs
48. log-analysis
Intrusion detection signature matching and alert analysis
49. log-analysis
NetFlow traffic anomaly detection analysis
50. log-analysis
Windows event log lateral movement detection
51. log-analysis
Intrusion detection signature matching and alert analysis
52. ordered-steps
Incident response phases ordered steps
53. ordered-steps
SOC tier escalation workflow CLI steps
54. matching
DNS exfiltration detection indicator matching
55. troubleshooting
Intrusion detection signature analysis and tuning
56. ordered-steps
Security monitoring dashboard analysis
57. troubleshooting
Incident response phases identification
58. log-analysis
SIEM alert triage syslog correlation
59. log-analysis
NetFlow anomaly detection and analysis
60. multiple-choice
NetFlow traffic anomaly detection and analysis
61. ordered-steps
Security policy implementation via CLI
62. matching
Windows security policy implementation and analysis
63. troubleshooting
Security monitoring dashboard anomaly correlation
64. multiple-choice
Intrusion detection signature analysis with Snort
65. log-analysis
NetFlow traffic pattern analysis for C2 detection
66. ordered-steps
Windows Event Log analysis with wevtutil
67. ordered-steps
False positive vs true positive classification with Snort tuning
68. multiple-choice
DNS exfiltration via PowerShell script analysis
69. multiple-choice
SIEM alert triage and classification
70. ordered-steps
Lateral movement indicator identification via CLI
71. ordered-steps
Windows audit policy configuration via command line
72. multiple-choice
False positive vs true positive classification Windows event logs
73. troubleshooting
DNS exfiltration detection via policy violation
74. ordered-steps
Windows event log analysis for lateral movement