Unit Review

A series of questions to ensure core concepts have been understood.
  1. 1 point
    What formats can the detection and response rules be written in?
  2. 1 point
    Complex logical evaluation is done using which of the following op values?
  3. 1 point
    What is the event name that is generated when a new process starts?
  4. 1 point
    What is the event name that is generated when a file is deleted?
  5. 1 point
    What is the name of the parameter used to check for a substring match?
  6. 1 point
    Which of the following operators do NOT take additional operators?
  7. 1 point
    Which of the following parameters are available to all logical operations?