FCSS – SOC Analyst 7.4 — Question 13

Which role does a threat hunter play within a SOC?

Answer options

• A. Investigate and respond to a reported security incident
• B. Monitor network logs to identify anomalous behavior
• C. Collect evidence and determine the impact of a suspected attack
• D. Search for hidden threats inside a network which may have eluded detection

Correct answer: D

Explanation

The correct answer is D, as threat hunters specifically seek out hidden threats that traditional security measures may not detect. Option A refers to incident response, Option B focuses on monitoring for anomalies, and Option C is related to evidence collection and impact assessment, which are not the primary tasks of a threat hunter.