Exam CIS-SIR topic 1 question 118 discussion

Actual exam question from ServiceNow's CIS-SIR
Question #: 118
Topic #: 1

Select all of the following which are key features of the Malware Information Sharing Platform (Choose three.)

  • A. Dedicated MISP workspace for managing major security incidents
  • B. Auto-extract MITRE-ATT&CK™ information from MISP attributes and associate them to SIR security incidents
  • C. Attribute enrichment including adding or updating tags, galaxies, or attributes
  • D. Send malware to MISP for detonation
  • E. Add security incident associated observables as attributes to a MISP event
Suggested Answer: BCE

Comments

NokoNice
1 month ago
Selected Answer: BCE
Key features:

  • Support manual and automatic observable enrichment. Results include the MISP attribute and event information that is associated with the observables.
  • Attribute enrichment in MISP which includes adding or updating tags, galaxies, or comments.
  • Event creation in MISP from SIR: Supports manual and the automatic creation of events in MISP from SIR.
  • Update a MISP event from SIR which includes adding or updating tags, galaxies, or attributes.
  • Add security incident associated observables as attributes to a MISP event.
  • Auto-extract MITRE-ATT&CK™ information from MISP attributes and associate the information to SIR security incidents.
  • Automatically add SIR MITRE-ATT&CK™ information as galaxies to a MISP event.
upvoted 1 times