CompTIA SOT-001 - CompTIA Certification Exam
Question #1 (Topic: demo questions)
Which threat uses trusted system tools to avoid detection?
Correct Answer: B
Explanation:
Fileless malware leverages legitimate system tools and in-memory execution, making it harder to detect using traditional antivirus solutions.
Question #2 (Topic: demo questions)
Which phase of the attack lifecycle involves gaining initial access?
Correct Answer: C
Explanation:
Delivery and exploitation is the phase where attackers deliver payloads and exploit vulnerabilities to gain access to systems.
Question #3 (Topic: demo questions)
The MITRE ATT&CK framework is best described as:
Correct Answer: C
Explanation:
MITRE ATT&CK documents real-world adversary behaviors and maps tactics and techniques used during cyber attacks. It helps SOC teams improve detection and response.
Question #4 (Topic: demo questions)
A Tier 1 SOC analyst is mainly responsible for:
Correct Answer: B
Explanation:
Tier 1 analysts handle initial alert review, validation, and escalation to higher tiers if required. They focus on monitoring dashboards and identifying false positives.
Question #5 (Topic: demo questions)
A Security Operations Center (SOC) primarily exists to:
Correct Answer: B
Explanation: