Cybersecurity and the Security Operations Center

Chapter Description

In this sample chapter from CCNA Cybersecurity Operations Companion Guide and the Cisco Networking Academy, you will learn about the who, what, and why of cyberattacks—plus review available resources to prepare for a career in cybersecurity operations.

Check Your Understanding

Complete all the review questions listed here to test your understanding of the topics and concepts in this chapter. The appendix “Answers to the ‘Check Your Understanding’ Questions” lists the answers.

  1. A computer is presenting a user with a screen requesting payment before the user data is allowed to be accessed by the same user. What type of malware is this?

    1. A type of virus

    2. A type of logic bomb

    3. A type of ransomware

    4. A type of worm

  2. What is cyberwarfare?

    1. It is an attack only on military targets.

    2. It is an attack on a major corporation.

    3. It is an attack that only involves robots and bots.

    4. It is an attack designed to disrupt, corrupt, or exploit national interests.

  3. How can a security information and event management system in an SOC be used to help personnel fight against security threats?

    1. By collecting and filtering data

    2. By filtering network traffic

    3. By authenticating users to network resources

    4. By encrypting communications to remote sites

  4. Which three technologies should be included in an SOC security information and event management system? (Choose three.)

    1. Proxy service

    2. User authentication

    3. Threat intelligence

    4. Security monitoring

    5. Intrusion prevention

    6. Event collection, correlation, and analysis

  5. What name is given to hackers who hack for a political or social cause?

    1. White hat

    2. Hacker

    3. Hacktivist

    4. Blue hat

  6. Which organization is an international nonprofit organization that offers the CISSP certification?

    1. (ISC)²

    2. IEEE

    3. GIAC

    4. CompTIA

  7. After a security incident is verified in an SOC, an incident responder reviews the incident but cannot identify the source of the incident and form an effective mitigation procedure. To whom should the incident ticket be escalated?

    1. A cyberoperations analyst for help

    2. An SME for further investigation

    3. An alert analyst for further analysis

    4. The SOC manager to ask for other personnel to be assigned

  8. The term Alert Analyst refers to which group of personnel in an SOC?

    1. Tier 1 personnel

    2. Tier 2 personnel

    3. Tier 3 personnel

    4. SOC managers

  9. What is a rogue wireless hotspot?

    1. It is a hotspot that was set up with outdated devices.

    2. It is a hotspot that does not encrypt network user traffic.

    3. It is a hotspot that does not implement strong user authentication mechanisms.

    4. It is a hotspot that appears to be from a legitimate business but was actually set up by someone without permission from the business.
