試験CS0-003J トピック3 問題293 スレッド

Attack simulations provide realistic, hands-on scenarios that mirror true incidents, allowing SOC analysts to practice detection, analysis, and response skills under real-world pressure. These simulations are crucial for developing and reinforcing SOC procedures and incident workflows.
Phishing assessments (A) are targeted, limited training.
OpenVAS (B) is a vulnerability scanner, not a training tool.
SOAR (D) is a response automation tool.
Honeypots (E) help observe attacker behavior, but aren't training-focused.
Reference:
CS0-003 Objectives 3.3 - Incident Response Training
Mya Heath All-in-One - Chapter 14: Post-Incident Activities and Training