Scenario Based SOC Analyst Interview Questions and Answers | Part 1 | Security Analysts | SOC| Cyber
ฝัง
- เผยแพร่เมื่อ 28 มิ.ย. 2024
- SOC Interview Q&A: • SOC Analyst Interview ...
Scenario Based SOC Interview Q&A Part 2: • Scenario Based SOC Ana...
CyberSecurity Interview Question and Answer Playlist: • CyberSecurity Intervie...
Incident Response Lifecycle : • Incident Response Life...
EDR Interview: • EDR Interview Question...
Subscribe here: / @cyberplatter8980
CyberPlatter Discord Channel: / discord
![[Watch Party] APL 2024 รอบ 8 ทีมสุดท้าย ไทยต้องแชมป์ !](http://i.ytimg.com/vi/NctOkvaex-Y/mqdefault.jpg)
Finally started, Thanks for starting this session, It will help alot, please include Real time SIEM Scenario questions & answer with use cases, Thanks in Advance & Have a great year ahead 🙂
This is good information. it does leave out one critical part in the beginning: whether the employee took action on the email. If the employee simply opened the email, and realized it was spam/phishing/etc, they could simply just report it, mark it as spam/phishing, allow a cyber review of the email, and then delete once in the clear. If they do take action shes giving good steps to take.
How to start career as SOC what are the basic tools and knowledge to have while appearing for SOC Analyst
Hi Mam,
Can you make videos on below mentioned Topic, as in whole youtube No one has done till now,
So i request to please make
"How to create use cases & How to Develop use cases with correlation Rules for All SIEM"
Thanks in Advance Have a Great year ahead.
Very informative
Informative video
Thanks . Very informative videos
Glad it helped!
Thanks for your help ❤
You're welcome 😊
thank you help a lot of information sharing.
Glad it was helpful!
Thank you. I am not an IT specialist, and all this is fascinating.
I have a question. If that employee (who actually paid attention to the IT security training) had not opened that suspicious email, do you need to take all those steps that are hugely disruptive? Can you not contain the suspicious email and analyse it?
I think it is more likely that you need to worry about the others in the organisation because the phishing attack might have been deployed at a larger scale and not all employees are as careful as the one who reported it. What would you do? Scan all network for that (and similar) email, isolate it, see on what devices it was open and quarantine those?
PS- I love your Eastern European accent (is it Romanian? Hungarian?).
Many thanks.
Hello madam, this video is really awesome. I have a question. If email is opened then it is fine. If user has accessed any attachment or links then it should be necessary to isolate. Pls confirm
Do you guys offer classes?
These questions are relevant for which level..? L1 , L2 or L3.....
All positions mainly L1 and some l2
Can we get pdf of these questions?
Ma'am, If the user has not opened/accessed any contents of the email in the first question. Is it still necessary to perform the device isolation, disabling the user from AD.?
Hi, Priya, the user is the one who is reporting the email (so they have at least opened the email) and the analyst is sure is a malicious one in this scenario. So, the immediate action is isolation. But if the user has not opened the email at all, you don't have to consider this.
Opening email and opening attachments... Any different process for these two scenarios??
Hi Ma'am, I have googled this. "If you open an email from a scammer without interacting with it, it won’t infect your machine, but the scammer will be able to gather data to use for targeted cyber attacks. For example, the scammer may be able to gather your IP address, the Operating System (OS) that you use and your location"