To uncover unknown threats that may have evaded detection by existing security tools or controls, and to mitigate them before they cause damage or data loss.
To create a new security baseline that reflects the current state of the network, and to identify any anomalies or deviations from the normal behavior or activity.
C. To uncover unknown threats
By definition, threat hunting is the process of actively searching for threats that may be lurking in a network or environment, undetected by traditional security controls.
E. To create a new security baseline
A security baseline is a set of security controls that are considered to be the minimum necessary to protect an information system or asset. It is a starting point for improving the security of an organization, and it can be used to assess the current security posture of an organization and identify areas where improvement is needed. In the official CompTIA book it is described as one of the benefits of threat hunting, as an opportunity to redesign systems, controls, configuration, data protection, etc. to reduce the overall attack surface.
Why not D? I think that optimizing rules is part of a broader concept, which is to create a new security baseline that covers all the new security posture aspects of the organization that the threat hunting process discovered.
C. To uncover unknown threats: Threat hunting involves actively seeking out security threats and anomalies that may not have triggered traditional security alerts. This proactive approach helps identify threats that might otherwise go undetected.
F. To improve user awareness about security threats: By conducting threat-hunting activities and sharing the findings with users and employees, organizations can raise awareness about security threats and encourage a culture of cybersecurity awareness among their staff. This helps users become more vigilant and security-conscious, reducing the likelihood of falling victim to threats.
A and D as they are mentioned in the definition below:
Threat hunting is the practice of proactively searching for cyber threats that are lurking undetected in a network. Cyber threat hunting digs deep to find malicious actors in your environment that have slipped past your initial endpoint security defenses.
Moderator, please remove my vote, as I meant C AND D.
upvoted 2 times