This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
Choose the best response for each of the questions below.
Which of the following best describes a good Hypothesis?
is Time-bound
focuses on known Indicators
focuses on all current threats
Threat Hunting is considered which of the following?
Retroactive.
Reactive.
Proactive.
"We want to check which accounts have run cmd.exe." Why is this hypothesis poor?
Cmd.exe isn't a program.
Accounts aren't associated with the running of cmd.exe
The scope is too broad.
You must answer all questions before checking your work.
Was this page helpful?