Certified SOC Analyst-CSA Quiz Questions and Answers
In which of the following attacks does the attacker exploit vulnerabilities in a computer application before the software developer can release a patch for them?
Answer :
Zero-day attack
What are the responsibilities of an L1 security analyst?
Answer :
Monitoring security incidents 24/7 from various SOC entry channels (SIEM, e-mail, firewall, IDS, IPS)
Which of the following factors determines the choice of SIEM architecture?
Answer :
Network Topology
Which of the following attacks can be eradicated by converting all non-alphanumeric characters to HTML character entities before displaying the user input in search engines and forums?
Answer :
XSS Attacks
Which of the following steps of the incident handling and response process focuses on limiting the scope and extent of an incident?
Answer :
Containment
Which attack works like a dictionary attack, but adds some numbers and symbols to the words from the dictionary and tries to crack the password?
Answer :
Hybrid Attack
Identify the password cracking attempt involving a precomputed dictionary of plaintext passwords and their corresponding hash values to crack the password.
Answer :
Rainbow Table Attack
Which of the following Windows Event IDs will help you monitor file sharing across the network?
Answer :
5140
What type of event is recorded when an application driver loads successfully in Windows?
Answer :
Information
According to the forensics investigation process, what is the next step carried out right after collecting the evidence?