A company's Chief Information Security Officer (CISO) is reviewing KPls from me security operations team These KPls indicate the following trends
• The mean time to close security events that have been escalated to a Tier 2 analyst has not changed
• The average tenure for Tier 1 security analysts has fallen from 12 months to 9 months
• The percentage of events escalated from a Tier 1 analyst to a Tier 2 analyst has increased from 50 to 75.
• The mean time to pick up and respond to a security event has not changed
• Resource and event volumes have not changed
• The overall mean time to close security events has increased from 8 hours to 12 hours
Which of the following actions is MOST likely to result in a sustainable improvement in these KPls?
An online shopping site restricts the quantity of an item each customer can order. The site generates the following code when the customer clicks the submit button.
However, customers are still able to order more man three of the item. Which of the following would a security analyst MOST likely use to investigate the issue?
A factory-floor system uses critical legacy, and unsupported application software to enable factory operations A latent vulnerability was recently exposed, which permitted attackers to send a specific string of characters followed by arbitrary code for execution Patches are unavailable, as the manufacturer is no longer m business Which of the following would be the BEST approach the company should take to mitigate the risk of this vulnerability and other latent vulnerability exploits'' (Select TWO)
A Chief Information Security Officer (CISO) wants to set up a SOC to respond to security threats and events more quickly. The SOC must have the following capacities:
• Real-time response
• Visualization
• Threat intelligence integration
• Cross-referencing from multiple sources
• Deduplication
Which of the following technologies would BEST meet these requirements?
Copyright © 2014-2024 CertsTopics. All Rights Reserved
