1
Q
List the four phases of the incident response process as documented in NIST 800-61r2
A
Preparation, Detection & Analysis, Containment Eradication & Recovery, and Post-Incident Activity
2
Q
Name the four stakeholders listed in the Cyber-security Capability Maturity Model
A
Decision makers, leaders, practitioners, facilitators
SecOps
flashcards
Decks in class (16)
# Cards
-
Chapter 1 - Defining Security Operations10
-
Chapter 2 - Understanding NSM Tools and Data8
-
Chapter 3 - Understanding Incident Analysis9
-
Chapter 4 - Identifying Resources for Hunting Cyber Threats0
-
Chapter 5 - Understanding Event and Correlation and Normalization0
-
Chapter 6 - Identifying Common Attack Vectors0
-
Chapter 7 - Identifying Malicious Activity0
-
Chapter 8 - Identifying Patterns of Suspicious Behaviour0
-
Chapter 9 - Conducting Security Incident Investigations0
-
Chapter 10 - Describing the SOC Playbook0
-
Chapter 11 - Understanding the SOC Metrics0
-
Chapter 12 - Understanding the SOC WMS0
-
Chapter 13 - Describing the Incident Response Plan0
-
Chapter 14 - Describing the Computer Security Incident Response Team7
-
Chapter 15 - Understanding the Use of VERIS5
-
External Sources2
