Monitoring, Logging & DFIR Skills Check MD100B
Which Windows event log section would normally contain data for user account logins?
In Windows Event Logs, do Event IDs remain consistent across different machines running the same software?
Which Windows event log section would normally contain information, errors, and warning reports of program activities?
In the context of cybersecurity, what does SOAR stand for?
In the context of SIEM, what does a False Negative indicate?
Which NIST Incident Response Lifecycle phase involves identifying and acknowledging the incident?
What is the primary focus of the ‘Preparation’ phase in NIST’s Incident Response Lifecycle?
During which phase of the Incident Response Lifecycle would eradication of the root cause occur?
In the context of digital forensics, what does ‘chain of custody’ refer to?
During which phase in the NIST Incident Response Lifecycle would lessons be learned and applied for future incidents?