SOC Analyst Quiz

Total 10 Questions

1. What protocol is commonly used for secure communication over the Internet?
   - HTTP
   - HTTPS
   - FTP
   - SMS

2. What does VPN stand for?
   - Variable Path Networking
   - Virtual Private Network
   - Very Personal Note
   - Verified Public Network

3. Following a security breach, you are tasked with performing forensic analysis on an affected server. Which of the following steps should you prioritize to ensure the integrity of the forensic investigation?
   - Begin data recovery procedures on the server.
   - Analyze the most recently modified files first.
   - Immediately disconnect the server from the network.
   - Capture a bit-by-bit image of the server's hard drive.

4. Which regulation requires companies to protect the personal data and privacy of EU citizens for transactions that occur within EU member states?
   - CCPA
   - HIPAA
   - GDPR
   - PIPEDA

5. A SOC is optimizing its SIEM to detect multi-stage attack campaigns more effectively. Which approach to configuring correlation rules would BEST improve detection capabilities for such attacks?
   - Limiting rules to match only high-confidence indicators of compromise
   - Developing complex, multi-condition rules that match the behaviors of known attack campaigns
   - Creating simple, broad rules that generate alerts for any anomalous activities
   - Focusing on threshold-based rules that alert based on the volume of similar events in a short time

6. What is phishing?
   - A fishing technique
   - A type of computer game
   - A software development methodology
   - A technique to trick individuals into revealing personal information

7. What principle is MOST important when developing secure software applications?
   - Ensuring the application is feature-rich to meet all user demands
   - Regularly updating libraries and dependencies to their latest versions
   - Validating and sanitizing all input data
   - Writing code as quickly as possible to meet deadlines

8. What is the main purpose of a firewall in a network?
   - To monitor employee productivity
   - To serve web pages
   - To block unauthorized access
   - To increase internet speed

9. When hardening SSH configurations on a Linux server, which of the following actions increases security the most?
   - Disabling root login over SSH
   - Changing the default SSH port
   - Enabling password authentication
   - Increasing the verbosity level of logging

10. A threat hunter in the SOC is investigating potential indicators of compromise within the network. They notice an unusually high volume of outbound network traffic from a server that typically has minimal outbound traffic. Which of the following could be a plausible explanation for this anomaly?
   - The server has been compromised and is exfiltrating data.
   - A user is downloading a large file.
   - The server is performing a software update.
   - The network monitoring tool is malfunctioning.