Knowledge check

Choose the best response for each of the questions below. Then select Check your answers.

Check your knowledge

Which of the following best describes a good Hypothesis?

is Time-bound

focuses on known Indicators

focuses on all current threats

Threat Hunting is considered which of the following?

Retroactive.

Reactive.

Proactive.

"We want to check which accounts have run cmd.exe." Why is this hypothesis poor?

Cmd.exe isn't a program.

Accounts aren't associated with the running of cmd.exe

The scope is too broad.

You must answer all questions before checking your work.