PROFESSIONAL-SECURITY-OPERATIONS-ENGINEER Question #78: Real Exam Question with Answer & Explanation
The correct answers are B and E.
- B. Use the number of detections from the response JSON in a conditional statement to set the
- E. Use a conditional statement to determine whether to treat the URL as suspicious or benign.
Question
Options
- A. Create a widget that translates the JSON output to a severity score.
- B. Use the number of detections from the response JSON in a conditional statement to set the
- C. Verify that the response is accurate by manually checking the URL in VirusTotal.
- D. Pass the response back to the SIEM.
- E. Use a conditional statement to determine whether to treat the URL as suspicious or benign.
Explanation
Use the number of detections returned in the VirusTotal JSON response in a conditional statement to programmatically determine the severity of the alert. This quantifies the threat level based on multiple vendor detections. Implement a conditional statement to classify the URL as suspicious or benign based on the VirusTotal results. This enables the playbook to provide a preliminary recommendation and guide subsequent analyst actions.