A. To monitor the health of IT equipment
B. To provide technical support to end-users
C. To generate financial reports
D. To automate responses to detected events
A. There are four subtechniques that fall under technique T1071.
B. There are four techniques that fall under tactic T1071.
C. There are 15 events associated with the tactic.
D. There are event handlers that cover tactic T1071.
A. To increase sales and marketing efforts
B. To minimize the impact of false positives
C. To ensure seamless business operations
D. To quickly contain and mitigate threats
A. To ensure that entertainment is provided during breaks
B. To maintain a catalog of ready-to-deploy response strategies
C. To manage the cafeteria menu in the SOC
D. To handle the recruitment of new SOC personnel
A. The AMER HQ SOC team cannot run automation playbooks from the Fabric supervisor.
B. The APAC SOC team has access to FortiView and other reporting functions.
C. The EMEA SOC team has access to historical logs only.
D. The AMER HQ SOC team must configure high availability (HA) for the supervisor node.
A. ON DEMAND
B. INCIDENT
C. EVENT
D. ON SCHEDULE
A. By increasing the time it takes to respond to incidents
B. By allowing for a quicker isolation of affected systems
C. By providing data for marketing strategies
D. By reducing the importance of endpoint security
A. Initial Access
B. Execution
C. Discovery
D. Persistence
A. Aligning tasks with the specific stages of incident response
B. Ensuring tasks are scheduled during office hours only
C. Limiting tasks to non-critical alerts
D. Making tasks visible to external stakeholders