Question 1: What are playbooks used for?
The plan an analyst creates to complete a task manually.
To automate actions an analyst typically would have to complete manually.
To optimize manual processes.
To describe the order in which analysts complete tasks.
Question 2: What is alert fatigue?
When the number of alerts declines.
When an analyst is overwhelmed by the number of alerts coming in.
When a team reduces the number of alerts coming in using SOAR.
When a SOAR solution is overloaded with alerts.
Question 3: What does the acronym SOAR stand for?
Security, Orchestration, Automation, & Response
Situation, Opportunity, Action, & Result
Single out, On the board, Asked, & Repeated
Situation, Orientation, Adroit, & Replication
Question 4: Why is SOAR used?
To collaborate with other analysts during investigations.
To synchronize tools, accelerate response times, reduce alert fatigue, and compensate for the skill shortage gap.
To replace tier 1 analysts and automate all of their tasks.
To analyze workload, organize an analyst's tasks, and allow teams to respond using their own processes.
Question 5: Identify a benefit of SOAR.
Reports on all endpoints that require patching.
Elevates the security team’s sense of success.
Analyzes and generates a security score to better measure improvements in network security.
Increases your security team's efficiency by automating repetitive manual processes.