lab 29 Flashcards

Q: The online malware hash analysis provided what result?
- The file associated with the hash is a rootkit.
- The file associated with the hash is a keystroke logger.
- The file associated with the hash is unknown or is not known to be malware.
- The file associated with the hash is ransomware.
A: The file associated with the hash is unknown or is not known to be malware.

Q: Which of the following playbook tasks must occur before the others?
- Remove the suspicious file from the affected system(s).
- Perform an online malware analysis using the hash value of the suspicious file.
- Copy the zip archive of the suspicious file to a quarantine system.
- Determine the rogue process’s name.
A: Determine the rogue process’s name.

Q: What asset defines the steps needed to respond to a security incident, such as the specific roles, processes, and procedures that security staff must follow?
- User Acceptance Policy
- Playbook
- Non-Disclosure Agreement
- Runbook
A: Playbook

Q: A playbook is often considered what type of security control?
- Responsive
- Preventive
- Detective
- Deterrent
A: Responsive

Q: What security solution scans security and threat intelligence data collected from multiple sources within the enterprise, then analyzes it using various techniques, and may trigger responses to take corrective action against discovered security violations?
- NGFW
- SIEM
- SOAR
- UEBA
A: SOAR

Q: Which of the following are true statements in regard to playbooks? (Select all that apply)
- The most effective incident response playbooks are tailored to an organization’s specific security needs.
- When creating an incident response playbook, organizations should ensure they have the right level of detail and that all necessary stakeholders are involved.
- Generally, a playbook is used by a person, and a runbook is used by a SOAR platform in response to an incident or alert.
- A playbook is designed to automate some of the routine tasks ordinarily performed by security personnel in response to a security incident.
A: When creating an incident response playbook, organizations should ensure they have the right level of detail and that all necessary stakeholders are involved.
A: Generally, a playbook is used by a person, and a runbook is used by a SOAR platform in response to an incident or alert.
A: A playbook is designed to automate some of the routine tasks ordinarily performed by security personnel in response to a security incident.