The following is a list of questions that you can use to test your knowledge regarding this chapter's material. You will find the answers in the Assessments section of the Appendix:
- Which of the following is NOT an event streaming protocol?
  - IPFIX
  - SNMP
  - NetFlow
  - STIX
- Which of the following best describes a field that employs statistical techniques to train for computation?
  - Artificial intelligence
  - Machine learning
  - Data science
  - Advanced analytics
- What is the primary use case for deep learning in security?
  - Lateral movement detection
  - Session stitching
  - Packet inspection
  - Supervised learning
- What term is used for the driven execution of actions on security tools and IT systems?
  - Orchestration
  - Automation
  - Collaboration
  - Response
- What metric is used in SOCs that measures how long compromises, on average, have been present?
  - MTTR
  - MITRE
  - MTTD
  - Ticket count
- What two new capabilities distinguish next-generation SIEM from SIEM? (Choose two)
  - CASB
  - SOAR
  - UEBA
  - IDS
- Which of the...