Which of the following security operations tasks are ideal for automation?

Which of the following security operations tasks are ideal for automation?
A . Suspicious file analysis:
– Look for suspicious-looking graphics in a folder.
– Create subfolders in the original folder based on category of graphics found.
– Move the suspicious graphics to the appropriate subfolder
B . Firewall IoC block actions:
Examine the firewall logs for IoCs from the most recently published zero-day exploit
Take mitigating actions in the firewall to block the behavior found in the logs
Follow up on any false positives that were caused by the block rules
C . Security application user errors:
Search the error logs for signs of users having trouble with the security application Look up the user’s phone number
Call the user to help with any questions about using the application
D . Email header analysis:
Check the email header for a phishing confidence metric greater than or equal to five
Add the domain of sender to the block list
Move the email to quarantine

View Answer

Answer: D

Explanation:

Email header analysis is one of the security operations tasks that are ideal for automation. Email header analysis involves checking the email header for various indicators of phishing or spamming attempts, such as sender address spoofing, mismatched domains, suspicious subject lines, or phishing confidence metrics. Email header analysis can be automated using tools or scripts that can parse and analyze email headers and take appropriate actions based on predefined rules or thresholds