Network Security
What security device inspects and filters incoming and outgoing network traffic?
What is Firewall?
Which type of malware is self-replicating and spreads without user intervention?
What is Worm?
What phase of incident response focuses on readiness and planning?
What is Preparation?
What does a SIEM system primarily do?
What is log correlation?
Which protocol ensures secure communication over a network, typically used in web browsing?
What is HTTPS?
What type of malware masquerades as legitimate software to deceive users?
What is Trojan?
What action involves gathering evidence after detecting an incident?
What is Forensics?
What is the primary objective of a Security Operations Center (SOC)?
What is threat monitoring?
What technique isolates critical network segments to minimize potential breaches?
What is Segmentation?
What is the initial, non-execution analysis of malware called?
What is Static Analysis?
What type of containment is implemented immediately to stop an active threat?
What is Containment?
What is Short-term Containment?
What tool is often used to automate repetitive tasks in a SOC?
What is SOAR?
What network component separates an internal network from external access?
What is DMZ?
Which tool is commonly used to safely execute and observe malware behavior?
What is Sandbox?
What is the process of restoring normal operations after an incident?
What is Recovery?
What practice involves continuously testing defenses by simulating attacks?
What is Red Teaming?
What process involves controlling which devices can access network resources?
What is Network Access Control?
What term describes the traces or artifacts left by malware that indicate a system compromise?
What are Indicators of Compromise?
What is the final step in incident response that involves improving future defenses?
What is Lessons Learned?
What is the role of a Threat Hunter within a SOC?
What is proactive detection?