Certified Chief Information Security Officer (CCISO) — Question 184
A Security Operations (SecOps) Manager is considering implementing threat hunting to be able to make better decisions on protecting information and assets.
What is the MAIN goal of threat hunting to the SecOps Manager?
Answer options
- A. Improve discovery of valid detected events
- B. Enhance tuning of automated tools to detect and prevent attacks
- C. Replace existing threat detection strategies
- D. Validate patterns of behavior related to an attack
Correct answer: A
Explanation
The main goal of threat hunting is to enhance the discovery of valid detected events, allowing for more accurate assessments and responses. Options B and C do not accurately reflect the primary focus of threat hunting, which is not solely about tuning tools or replacing strategies. Option D, while relevant, is more about validation than about the primary goal of improving detection capabilities.