SOAR Quiz Answers NSE 2



Question 1: What are playbooks used for?

·         To describe the order analysts complete tasks.

·         To optimize manual processes.

·         The plan an analyst creates to complete a task manually.

·         To automate actions an analyst typically would have to complete manually.

Question 2: From the choices below, what is the best description of S.O.A.R?

·         Combines the processes and the security tools available to exploit opportunities given a particular situation.

·         Connects all tools in your security stack together into defined workflows that can be run automatically.

·         Correctly orients the security team to address the cyber threat according to the situation.

Question 3: Why is SOAR used?

·         To synchronize tools, accelerate response times, reduce alert fatigue, and compensate for the skill shortage gap.

·         To collaborate with other analysts during investigations.

·         To analyze workload, organize an analyst's tasks, and allow teams to respond using their own processes.

·         To replace tier 1 analysts and automate all of their tasks.

Question 4: What is alert fatigue?

·         When a SOAR solution is overloaded with alerts.

·         When a team reduces the number of alerts coming in using SOAR.

·         When an analyst is overwhelmed from the number of alerts coming in.

·         When the number of alerts decline.

Question 5: What does the acronym SOAR stand for?

·         Situation, Opportunity, Action, & Result

·         Single out, On the board, Asked, & Repeated

·         Security Orchestration, Automation, & Response

·         Situation, Orientation, Adroit, & Replication

Question 6: Identify a benefit of SOAR.

·         Increases your security team's efficiency by automating repetitive manual processes.

·         Analyzes and generates a security score to better measure improvements in network security.

·         Reports on all endpoints that require patching.

·         Elevates the security team’s sense of success.

Question 7: What are three reasons SOAR is used? (Choose three.)
Select one or more:

·         Analyze workload

·         Compensate for the skill shortage*

·         Accelerate response times*

·         Reduce alert fatigue*

·         Collaborate with other analysts

Question 8: What is a common use case for an implementation of SOAR by customers?
Select one:

·         Phishing investigations*

·         Detecting zero-day attacks

·         Logging events and alerts

·         Guarding against DoS attacks

Question 9: Which statement best describes SOAR?
Select one:

·         SOAR connects all security tools together into defined workflows that can be run automatically*

·         SOAR orients the security team by defining and categorizing cyberattacks

·         SOAR collects logs from all security tools to improve network visibility

·         SOAR plays out potential cyberattacks to improve network security preparedness

 
