Monitoring, Logging & DFIR Skills Check MD100B
Question 1 of 10
Which Windows event log section would normally contain data for user account logins?
Question 2 of 10
In Windows Event Logs, do Event IDs remain consistent across different machines running the same software?
Question 3 of 10
Which Windows event log section would normally contain information, errors, and warning reports of program activities?
Question 4 of 10
In the context of cybersecurity, what does SOAR stand for?
Question 5 of 10
In the context of SIEM, what does a False Negative indicate?
Question 6 of 10
Which NIST Incident Response Lifecycle phase involves identifying and acknowledging the incident?
Question 7 of 10
What is the primary focus of the ‘Preparation’ phase in NIST’s Incident Response Lifecycle?
Question 8 of 10
During which phase of the Incident Response Lifecycle would eradication of the root cause occur?
Question 9 of 10
In the context of digital forensics, what does ‘chain of custody’ refer to?
Question 10 of 10
During which phase in the NIST Incident Response Lifecycle would lessons be learned and applied for future incidents?