Self-Assessment Quizzes
Test Your Knowledge of AI-Powered Security Operations
Welcome to the Nexus SecOps self-assessment quiz section! These quizzes help you validate your understanding of security operations concepts, AI/ML applications, and defensive security practices covered throughout the textbook.
Why Take These Quizzes?
Benefits of Self-Assessment
- Validate Understanding: Identify concepts you've mastered and areas needing review
- Reinforce Learning: Active recall strengthens memory and comprehension
- Build Confidence: Track your progress and readiness for real-world application
- Practice Scenarios: Apply concepts to realistic SOC situations
- Immediate Feedback: Get explanations and rationales for every answer
How to Use These Quizzes
1. Complete Quizzes After Each Chapter
Take the corresponding quiz after finishing each chapter while the material is fresh. This helps consolidate learning and identify gaps before moving forward.
2. Review Explanations Carefully
Every question includes detailed explanations. Even if you answer correctly, read the rationale to deepen your understanding and discover alternative perspectives.
3. Retake for Mastery
If you score below 80%, review the chapter content and retake the quiz. Spaced repetition improves retention—try again after a few days.
4. Use for Exam Preparation
If preparing for certifications (CySA+, GIAC, etc.), use these quizzes to practice scenario-based thinking and test-taking strategies.
5. Track Your Progress
Keep notes on which topics challenge you most. This guides your study priorities and helps you develop a personalized learning plan.
Available Quizzes
Part 1: Foundations
- Chapter 1: Introduction to SOC & AI
  Test your understanding of SOC structure, analyst tiers, AI opportunities and limitations, and MITRE ATT&CK fundamentals.
  Topics: SOC roles, MTTA/MTTR, alert fatigue, AI use cases, hallucination, ethics
- Chapter 2: Telemetry & Log Sources
  Assess your knowledge of log sources, normalization, schemas, and data retention strategies.
  Topics: Endpoint/network/cloud logs, Syslog, CEF, ECS, enrichment, compliance
- Chapter 3: SIEM & Data Lake Basics
  Evaluate your grasp of SIEM architecture, query languages, and correlation techniques.
  Topics: SPL, KQL, correlation rules, data lakes, search optimization, indexing
Part 2: Core SOC Capabilities
- Chapter 4: Detection Engineering
  Challenge your detection engineering skills with questions on rule development, testing, and tuning.
  Topics: Sigma, YARA, baselines, purple teaming, ATT&CK mapping, detection-as-code
- Chapter 5: Triage & Investigation
  Practice triage workflows, investigation techniques, and decisioning strategies.
  Topics: Alert prioritization, enrichment, pivoting, timelines, runbooks, escalation
- Chapter 6: Threat Intelligence
  Test your understanding of threat intel types, operationalization, and hunting methodologies.
  Topics: STIX, TAXII, IOCs vs TTPs, threat feeds, confidence scoring, hunt hypotheses
Part 3: Automation & Response
- Chapter 7: SOAR & Automation
  Assess your knowledge of automation platforms, playbook design, and safety practices.
  Topics: SOAR workflows, approval gates, rollbacks, rate limiting, orchestration, ROI
- Chapter 8: Incident Response
  Validate your understanding of the IR lifecycle, containment, and lessons learned.
  Topics: NIST IR phases, forensics, eradication, recovery, post-mortems, tabletop exercises
Part 4: AI Integration
- Chapter 9: AI/ML in SOC
  Challenge your ML knowledge with questions on algorithms, evaluation, and pitfalls.
  Topics: Supervised/unsupervised learning, UEBA, overfitting, drift, adversarial evasion
- Chapter 10: LLM Copilots & Guardrails
  Test your understanding of LLMs, RAG, prompt engineering, and safety guardrails.
  Topics: Prompting, grounding, hallucination, prompt injection, output filtering, evaluation
Part 5: Evaluation & Governance
- Chapter 11: Evaluation & Metrics
  Assess your ability to measure SOC performance and model effectiveness.
  Topics: Precision, recall, F1, ROC/AUC, MTTD/MTTR, balanced scorecards, KPIs
- Chapter 12: Governance, Privacy & Risk
  Validate your knowledge of compliance, privacy, bias, and AI governance.
  Topics: GDPR, HIPAA, PCI-DSS, privacy-by-design, bias mitigation, risk frameworks
Part 5: Evaluation & Governance (continued)
- Chapter 13: Security Governance, Privacy & Risk
  Test compliance frameworks, AI governance, privacy by design, and risk quantification.
  Topics: GDPR, HIPAA, PCI-DSS, NIST CSF, privacy-by-design, AI Act, FAIR
- Chapter 14: Operating Model, Staffing & SLAs
  Evaluate SOC staffing models, SLA design, shift patterns, and training programs.
  Topics: Tier 1/2/3 staffing, in-house vs. MSSP, SLA metrics, burnout, onboarding
- Chapter 15: Resilience, Tabletops & Learning
  Assess tabletop exercise design, lessons-learned processes, and resilience frameworks.
  Topics: Tabletop facilitation, NIST 800-84, after-action reports, BCP/DR, chaos engineering
Part 6: Offensive Security
- Chapter 16: Penetration Testing Methodology
  Test scoping, rules of engagement, methodology phases, and report writing.
  Topics: PTES, OSSTMM, scoping, recon, exploitation, post-exploitation, reporting
- Chapter 17: Red Team Operations
  Evaluate adversary simulation, C2 frameworks, OPSEC, and red team reporting.
  Topics: C2 frameworks, Cobalt Strike, Sliver, OPSEC, purple team debrief, VECTR
- Chapter 18: Malware Analysis
  Test static/dynamic analysis techniques, sandbox evasion, and YARA rule writing.
  Topics: PE structure, Ghidra, x64dbg, Cuckoo, CAPE, behavioral signatures, YARA
- Chapter 19: OSINT & Reconnaissance
  Assess passive recon techniques, OSINT tools, and footprinting methodology.
  Topics: Shodan, theHarvester, Maltego, OSINT framework, passive vs. active recon
- Chapter 20: Cloud Attack & Defense
  Evaluate cloud kill chain, IAM exploitation, and cloud-native defense strategies.
  Topics: Pacu, Prowler, CSPM, lateral movement in cloud, SSRF, misconfiguration
- Chapter 21: OT/ICS/SCADA Security
  Test ICS protocols, Purdue model, NERC CIP requirements, and OT incident response.
  Topics: Modbus, DNP3, Dragos, Claroty, NERC CIP, air gap, OT-specific TTPs
Part 7: Threat Landscape
- Chapter 22: Threat Actor Encyclopedia
  Identify nation-state groups, criminal orgs, their TTPs, and attribution indicators.
  Topics: APT29, APT28, Lazarus, Volt Typhoon, LockBit, ALPHV, attribution methodology
- Chapter 23: Ransomware Deep Dive
  Test ransomware kill chain, RaaS economics, negotiation, and recovery strategies.
  Topics: Double extortion, RaaS affiliates, crypto wallets, backup hygiene, crisis negotiation
- Chapter 24: Supply Chain Attacks
  Assess software/hardware supply chain attack vectors and SBOM-based defenses.
  Topics: SolarWinds, XZ Utils, SBOM, SLSA levels, code signing, dependency confusion
- Chapter 25: Social Engineering
  Evaluate phishing types, pretexting, vishing, and awareness program design.
  Topics: Spear phishing, AiTM, smishing, vishing, security culture, GoPhish
- Chapter 26: Insider Threats
  Test insider threat typology, UEBA detection, and HR integration strategies.
  Topics: Malicious vs. negligent insiders, UEBA, DLP, behavioral indicators, case management
Part 8: Defense in Depth
- Chapter 27: Digital Forensics
  Assess evidence handling, disk/memory forensics tools, and chain of custody.
  Topics: Autopsy, Volatility, KAPE, timeline analysis, MFT, registry forensics, Plaso
- Chapter 28: Advanced Incident Response
  Test nation-state IR, legal holds, crisis communications, and forensic readiness.
  Topics: Legal holds, external counsel, crisis comms, PR coordination, APT persistence
- Chapter 29: Vulnerability Management
  Evaluate CVSS vs. EPSS, prioritization frameworks, and patch SLA design.
  Topics: CVSS v3, EPSS, KEV catalog, patch windows, SLA tiers, exception management
- Chapter 30: Application Security
  Test OWASP Top 10, SAST/DAST pipelines, and threat modeling methodologies.
  Topics: OWASP Top 10, STRIDE, Burp Suite, SQLMap, code review, security champions
- Chapter 31: Network Security Architecture
  Assess segmentation, NGFW, NDR, and east-west traffic inspection.
  Topics: Micro-segmentation, Zeek, Suricata, NGFW policy, NDR, TLS inspection
- Chapter 32: Cryptography Applied
  Test PKI, TLS configuration, HSMs, and key management lifecycle.
  Topics: PKI hierarchy, certificate pinning, FIPS 140-3, HSM, post-quantum, key rotation
- Chapter 33: Identity & Access Security
  Evaluate PAM, Active Directory hardening, MFA types, and JIT access.
  Topics: BloodHound, Kerberoasting, PIM, FIDO2, PAM vault, tiered AD model
- Chapter 34: Mobile & IoT Security
  Test MDM, firmware analysis, IoT network isolation, and mobile threat defense.
  Topics: MDM enrollment, iOS/Android security models, firmware extraction, MQTT, OTA signing
Part 9: Advanced Practice
- Chapter 35: DevSecOps Pipeline
  Assess secure CI/CD pipeline design, SAST/SCA integration, and SBOM generation.
  Topics: Semgrep, CodeQL, Grype, gitleaks, Checkov, Cosign, SLSA levels, Falco
- Chapter 36: Purple Team Operations
  Test VECTR workflow, Atomic Red Team usage, and detection engineering feedback loops.
  Topics: CALDERA, Atomic Red Team, VECTR, detection gap analysis, Sigma from purple tests
- Chapter 37: AI & Machine Learning Security
  Evaluate adversarial ML, LLM attack vectors, and NIST AI RMF controls.
  Topics: FGSM, PGD, model extraction, data poisoning, OWASP LLM Top 10, EU AI Act
- Chapter 38: Advanced Threat Hunting
  Test hypothesis-driven hunting, beaconing detection, and hunt automation.
  Topics: PEAK/TaHiTI, stack counting, CV-based beaconing, NetworkX lateral movement, KQL hunts
- Chapter 39: Zero Trust Implementation
  Assess NIST SP 800-207, CISA ZT maturity model, and ZTNA deployment patterns.
  Topics: CISA 5 pillars, Conditional Access, micro-segmentation, ZTNA vs. VPN, Cloudflare Access
- Chapter 40: Security Program Leadership
  Test FAIR risk quantification, board reporting, BISO model, and ROI calculation.
  Topics: FAIR Monte Carlo, NPV/ROI, board metrics, BISO structure, security culture, vendor risk
Quiz Format
Each quiz contains 10-15 questions in various formats:
- Multiple Choice: Select the best answer from 4 options
- Scenario-Based: Apply concepts to realistic SOC situations
- True/False: Quick knowledge checks
- Comparison: Evaluate different approaches or tools
All questions use the expandable answer format—click "Show Answer" to reveal the correct response and detailed explanation.
Scoring Guidance
| Score | Interpretation | Next Steps |
|---|---|---|
| 90-100% | Excellent mastery | Move to next chapter; consider advanced practice |
| 80-89% | Good understanding | Review missed questions; ready to proceed |
| 70-79% | Satisfactory | Revisit challenging sections; retake after review |
| Below 70% | Needs improvement | Re-read chapter; focus on learning objectives; retake quiz |
Learning Tips
Maximize Learning from Quizzes
Before Taking:
- Complete the corresponding chapter first
- Review chapter learning objectives
- Have the glossary available for reference
During the Quiz:
- Read questions carefully—watch for words like "NOT," "EXCEPT," "BEST"
- Think through scenarios before looking at options
- Eliminate obviously wrong answers first
- Don't rush—understanding matters more than speed
After Completing:
- Review ALL explanations, even for correct answers
- Note concepts that surprised you
- Create flashcards for missed questions
- Revisit related chapter sections
- Retake after 2-3 days for spaced repetition
Additional Resources
- Glossary: Look up unfamiliar terms
- FAQ: Common questions answered
- MicroSims: Hands-on practice simulations
- Learning Graph: Concept dependencies and prerequisites
Feedback
Help improve these quizzes! If you find:
- Unclear or ambiguous questions
- Incorrect answers or explanations
- Missing topics that should be covered
- Suggestions for additional scenarios
Ready to Test Your Knowledge?
- Quick Start: Jump to your current chapter's quiz
- Targeted Practice: Pick quizzes for specific weak areas
- Complete Assessment: Take all 12 quizzes to evaluate overall mastery
Good luck with your self-assessment! Remember: these quizzes are learning tools, not tests. Focus on understanding, not just scores.