Certified SOC Analyst (CSA) — Question 10
Which of the following is a report-writing tool that helps incident handlers generate efficient reports on detected incidents during the incident response process?
Answer options
- A. threat_note
- B. MagicTree
- C. IntelMQ
- D. Malstrom
Correct answer: B
Explanation
The correct answer is B, MagicTree, as it is specifically designed to aid in the creation of structured reports for incident response. The other options (threat_note, IntelMQ, and Malstrom) do not primarily focus on report writing in the context of incident handling.