In which of the following incident handling and response stages, the root cause of the incident must be found from the forensic results?

• A.Systems Recovery
• B.Evidence Handling
• C.Eradication
• D.Evidence Gathering

Comment: *

Name: *

Email: *

Verification: *

Which of the following fields in Windows logs defines the type of event occurred, such as Correlation Hint, Response Time, SQM, WDI Context, and so on?

• A.Source
• B.Task Category
• C.Keywords
• D.Level

Comment: *

Name: *

Email: *

Verification: *

In which phase of Lockheed Martin's - Cyber Kill Chain Methodology, adversary creates a deliverable malicious payload using an exploit and a backdoor?

• A.Reconnaissance
• B.Delivery
• C.Weaponization
• D.Exploitation

Comment: *

Name: *

Email: *

Verification: *

Emmanuel is working as a SOC analyst in a company named Tobey Tech. The manager of Tobey Tech recently recruited an Incident Response Team (IRT) for his company. In the process of collaboration with the IRT, Emmanuel just escalated an incident to the IRT.
What is the first step that the IRT will do to the incident escalated by Emmanuel?

• A.Incident Recording
• B.Incident Prioritization
• C.Incident Analysis and Validation
• D.Incident Classification

Comment: *

Name: *

Email: *

Verification: *

Which of the following threat intelligence is used by a SIEM for supplying the analysts with context and
"situational awareness" by using threat actor TTPs, malware campaigns, tools used by threat actors.
1.Strategic threat intelligence
2.Tactical threat intelligence
3.Operational threat intelligence
4.Technical threat intelligence

• A.2 and 3
• B.1 and 2
• C.3 and 4
• D.1 and 3

Comment: *

Name: *

Email: *

Verification: *