What is the difference between vulnerability and risk?
Question 192
The security team has detected an ongoing spam campaign targeting the organization. The team's approach is to push back the cyber kill chain and mitigate ongoing incidents. At which phase of the cyber kill chain should the security team mitigate this type of attack?
Question 193
What describes the concept of data consistently and readily being accessible for legitimate users?
Question 194
How does an attack surface differ from an attack vector?
Question 195
What describes the defense-in-depth principle?
Question 196
What is a collection of compromised machines that attackers use to carry out a DDoS attack?
Question 197
What is the difference between inline traffic interrogation (TAPS) and traffic mirroring (SPAN)?
Question 198
A security engineer notices confidential data being exfiltrated to a domain `Ransome4144-mware73-978` address that is attributed to a known advanced persistent threat group. The engineer discovers that the activity is part of a real attack and not a network misconfiguration. Which category does this event fall under as defined in the Cyber Kill Chain?
Question 199
Which of these describes SOC metrics in relation to security incidents?
Question 200
What is a benefit of using asymmetric cryptography?
