What is a difference between SOAR and SIEM?

1. A. SOAR platforms are used for threat and vulnerability management, but SIEM applications are not
2. B. SIEM applications are used for threat and vulnerability management, but SOAR platforms are not
3. C. SOAR receives information from a single platform and delivers it to a SIEM
4. D. SIEM receives information from a single platform and delivers it to a SOAR

Correct Answer: A

What is the difference between mandatory access control (MAC) and discretionary access control (DAC)?

1. A. MAC is controlled by the discretion of the owner and DAC is controlled by an administrator
2. B. MAC is the strictest of all levels of control and DAC is object-based access
3. C. DAC is controlled by the operating system and MAC is controlled by an administrator
4. D. DAC is the strictest of all levels of control and MAC is object-based access

Correct Answer: B

A user received a targeted spear-phishing email and identified it as suspicious before opening the content. To which category of the Cyber Kill Chain model does to this type of event belong?

1. A. weaponization
2. B. delivery
3. C. exploitation
4. D. reconnaissance

Correct Answer: B

At which layer is deep packet inspection investigated on a firewall?

1. A. internet
2. B. transport
3. C. application
4. D. data link

Correct Answer: C
Deep packet inspection is a form of packet filtering usually carried out as a function of your firewall. It is applied at the Open Systems Interconnection's application layer. Deep packet inspection evaluates the contents of a packet that is going through a checkpoint.

How does certificate authority impact a security system?

1. A. It authenticates client identity when requesting SSL certificate
2. B. It validates domain identity of a SSL certificate
3. C. It authenticates domain identity when requesting SSL certificate
4. D. It validates client identity when communicating with the server

Correct Answer: B