10 Questions
What is the primary goal of profiling threat actors and activities?
To understand how threat actors function
What is a hypothesis in the Threat Hunting Process?
A tentative assumption to be tested
What is the purpose of generating a hypothesis in the Threat Hunting Process?
To investigate and test a tentative assumption
What is the MITRE ATT&CK Matrix used for?
To categorize and understand attacker tactics
What is the purpose of searching, clustering, grouping, stack counting, and machine learning in the Threat Hunting Process?
To test a hypothesis and investigate an assumption
What is the final step in the Threat Hunting Process?
Act on results
What is the purpose of combining various threat intelligence feeds?
To gain integrated intelligence
What is executable process analysis used for?
To analyze how malware functions
What is the first step in the Threat Hunting Process?
Profile threat actors and activities
What is the purpose of creating a calendar in the Threat Hunting Process?
To organize and prioritize tasks
Learn about the different levels of threat hunting, from Level 1, where existing SOC personnel perform ad hoc hunts, to Level 3, where dedicated threat hunters follow a formal process. Understand the tools, processes, and data collection methods used at each level.