Which of the following is primarily responsible for identifying vulnerabilities in an organization’s IT infrastructure?
The vulnerability management team focuses on identifying and managing vulnerabilities in an organization's systems and infrastructure, conducting regular scans, and applying patches or fixes.
What is the purpose of implementing security information and event management (SIEM) in a security operations center (SOC)?
SIEM systems help to centralize and analyze security logs, providing real-time monitoring, alerting, and response capabilities in a SOC.
Which of the following best describes the concept of "least privilege" in security operations?
The principle of least privilege ensures that users only have access to the specific resources necessary for their role, minimizing the risk of unauthorized access or damage.
What should be the first step in the incident response process after identifying a potential security breach?
Containment is the first critical step to limit the spread of the breach. Eradication and recovery come later, after containment.
A company is implementing an encryption solution to protect sensitive customer data. Which type of encryption would be most appropriate to secure data stored in the company’s database?
Database encryption specifically protects data at rest in the database. While TLS secures data in transit and FDE encrypts the entire disk, database encryption focuses on securing the sensitive data stored in the database itself.