Certified SOC Analyst-CSA Quiz Questions and Answers

In which of the following attacks does the attacker exploit vulnerabilities in a computer application before the software developer can release a patch for them?

Answer :
  • Zero-day attack

InfoSystem LLC, a US-based company, is establishing an in-house SOC. John has been given the responsibility to finalize strategy, policies, and procedures for the SOC. Identify the job role of John.

Answer :
  • Chief Information Security Officer (CISO)

 What are the responsibilities of L1 Security analyst?

Answer :
  • Monitoring security incidents 24/7 from various SOC entry channels (SIEM, e-mail, firewall, IDS, IPS)

Which of the following factors determine the choice of SIEM architecture?

Answer :
  • Network Topology

Which of the following attack can be eradicated by converting all non-alphanumeric characters to HTML character entities before displaying the user input in search engines and forums?

Answer :
  • XSS Attacks

Which of the following steps of incident handling and response process focus on limiting the scope and extent of an incident?

Answer :
  • Containment

Which attack works like a dictionary attack, but adds some numbers and symbols to the words from the dictionary and tries to crack the password?

Answer :
  • Hybrid Attack

Identify the password cracking attempt involving a precomputed dictionary of plaintext passwords and their corresponding hash values to crack the password.

Answer :
  • Rainbow Table Attack

Which of the following Windows Event Id will help you monitors file sharing across the network?

Answer :
  • 5140

What type of event is recorded when an application driver loads successfully in Windows?

Answer :
  • Information