28 Sep Practice Test Question-STIX
Preparing for your next security certification exam? After trying your hand at this practice test question, join the FREE CertMike Study Group for the CISSP, Security+, CySA+, PenTest+, CISM+ or SSCP certification to receive new questions each week. You’ll also receive free access to my customized study strategies.
What is the purpose of STIX?
A. To provide a set of services to enable sharing of threat intelligence
B. To represent threat information in a standardized manner
C. Offer a standardized schema for the specification and communication of system and network events
D. Provide an API for security platform integration
Correct Answer: B
TAXII provides a set of services to enable sharing of threat intelligence. So that is not the correct answer. STIX is a collaborative effort to develop a standardized, structured language to represent cyber threat information. The STIX framework intends to convey the full range of potential cyber threat data elements and strives to be as expressive, flexible, extensible, automatable, and human-readable as possible. This is the correct answer. CEE, or the common event expression, offers a standardized schema for the specification and communication of system and network events. So, this is not the correct answer. And STIX does not provide an API for security platform integration. So that is not the correct answer either.
Interested in more practice test questions?
Get a copy of my official CertMike Practice Test books for the Security+ exam, CISSP exam, SSCP exam, or CySA+ exam and practice with hundreds of questions designed just like the real test!
No Comments