
In a SOAR system, what is the expected output of this playbook step?

Medium · Analysis · Q5 of 15
Cybersecurity - Advanced Threat Protection
In a SOAR system, what is the expected output of this playbook step?
if alert.source == 'phishing' then block_sender()
else notify_team()

When alert.source is 'spam'?
A. Team is notified
B. Sender is blocked
C. No action is taken
D. System crashes
Step-by-Step Solution
Solution:
  1. Step 1: Check condition with alert.source 'spam'

    'spam' == 'phishing' is false, so the else branch runs.
  2. Step 2: Identify else action

    notify_team() is executed when the condition is false.
  3. Final Answer:

    Team is notified -> Option A
  4. Quick Check:

    Condition false = notify team [OK]
Quick Trick: Else runs when condition is false [OK]
Common Mistakes:
  • Blocking sender on wrong source
  • Assuming no action on false
  • Expecting system error
