
CompTIA Exam SY0-601 Topic 4 Question 78 Discussion

Actual exam question for CompTIA's SY0-601 exam
Question #: 78
Topic #: 4

The primary goal of the threat-hunting team at a large company is to identify cyberthreats that the SOC has not detected. Which of the following types of data would the threat-hunting team primarily use to identify systems that are exploitable?

Suggested Answer: A

Vulnerability scan results identify systems that are exploitable by detecting known weaknesses and misconfigurations in their software and hardware. Packet capture, threat feed, and user behavior data can help identify malicious activity or indicators of compromise, but they do not necessarily show which systems are vulnerable to exploitation.


Contribute your Thoughts:

Janna
13 hours ago
Good point, but I feel the threat feed is also crucial. That'll give them the latest intel on emerging threats they need to be on the lookout for.
upvoted 0 times
...
Vicky
1 day ago
That's a good point, Son. But I think packet capture is still the most comprehensive approach. You can see everything that's happening, not just known threats.
upvoted 0 times
...
Frankie
2 days ago
I'm not so sure about that. Wouldn't the packet capture give them more insights into the actual traffic and potential threats that are sneaking through the SOC's detection?
upvoted 0 times
...
Son
2 days ago
Hmm, I was thinking C) Threat feed might be the way to go. The threat-hunting team could use that to identify known exploits and then look for systems that might be vulnerable to them.
upvoted 0 times
...
Augustine
2 days ago
Hmm, this seems like an interesting question. I'd say the primary data the threat-hunting team would use is the vulnerability scan. That'll give them a clear picture of the systems that are exploitable, right?
upvoted 0 times
...
Serita
3 days ago
I agree with Pearline. Packet capture seems like the best option here. You can see the actual traffic going in and out of the network, and that might reveal something the SOC missed.
upvoted 0 times
...
Pearline
6 days ago
Yeah, it's a tough one. I'm leaning towards B) Packet capture, but I'm not 100% confident. Vulnerability scans can give you a good idea of what's exploitable, but I think the threat-hunting team would want to actually see what's happening on the network.
upvoted 0 times
...
Trevor
7 days ago
Whoa, this question is tricky! I'm not sure if I'd be able to answer it correctly. What do you guys think?
upvoted 0 times
...
