What are three functionalities provided by SOAR? (Choose three.)

What are three functionalities provided by SOAR? (Choose three.)

• It automates complex incident response procedures and investigations.
• It provides 24x7 statistics on packets that flow through a Cisco router or multilayer switch.
• It uses artificial intelligence to detect incidents and aid in incident analysis and response.
• It presents the correlated and aggregated event data in real-time monitoring and long-term summaries.
• It provides a complete audit trail of basic information about every IP flow forwarded on a device.
• It provides case management tools that allow cybersecurity personnel to research and investigate incidents.

Explanation: SOAR security platforms offer these functionalities:
• Gather alarm data from each component of the system
• Provide tools that enable cases to be researched, assessed, and investigated
• Emphasize integration as a means of automating complex incident response workflows that enable more rapid response and adaptive defense strategies
• Include predefined playbooks that enable automatic response to specific threats

Exam with this question: Checkpoint Exam: Threats and Attacks Group Exam