Q1. What are playbooks used for?
To optimize manual processes.
The plan an analyst creates to complete a task manually.
To describe the order in which analysts complete tasks.
To automate actions an analyst typically would have to complete manually.
Q2. What does the acronym SOAR stand for?
Single out, On the board, Asked, & Repeated
Situation, Orientation, Adroit, & Replication
Security, Orchestration, Automation, & Response
Situation, Opportunity, Action, & Result
Q3. Identify a benefit of SOAR.
Increases your security team’s efficiency by automating repetitive manual processes.
Reports on all endpoints that require patching.
Analyzes and generates a security score to better measure improvements in network security.
Elevates the security team’s sense of success.
Q4. From the choices below, what is the best description of S.O.A.R?
Correctly orients the security team to address the cyber threat according to the situation.
Combines the processes and the security tools available to exploit opportunities given a particular situation.
Connects all tools in your security stack together into defined workflows that can be run automatically.
Q5. Why is SOAR used?
To replace tier 1 analysts and automate all of their tasks.
To analyze workload, organize an analyst’s tasks, and allow teams to respond using their own processes.
To collaborate with other analysts during investigations.
To synchronize tools, accelerate response times, reduce alert fatigue, and compensate for the skill shortage gap.