Priya Dogra – Certification | Jobs | Internships
Related Articles
Module 2: The Threat Landscape Quiz Answers
Which definition best represents the Cyber Kill Chain?
- Chronicles the chain reaction of a cyber attack
- Details how to respond at each stage of a cyber attack
- Describes the stages of a cyber attack
- Illustrates how a cyber attack is killed
Which bad actor type is motivated by notoriety?
- Explorer
- Cyber terrorist
- Cybercriminal
- Adventurer
Which bad actor type is motivated by ideology?
- Hacktivist
- Cyber ideologue
- Cyber warrior
- Explorer
Which system or organization assigns a severity score to help you identify the most dangerous cyberthreats to your organization?
- Federal Bureau of Investigation (FBI)
- Cyberthreat rating system unanimous (CRSU)
- National Institute of Standards and Technology (NIST)
- Common vulnerability scoring system (CVSS)
Which standard develops a common language for cyberthreat information?
- Structured threat information expression (STIX)
- MITRE ATT&CK
- Common vulnerability scoring system (CVSS)
- Cyberthreats vernacular (CTV)
Which two attack vector categories characterize a ransomware attack? (Choose two.)
- Computer technology
- Pre-exploit
- Post-exploit
- Human
What are the two ingredients of a successful social engineering attack? (Choose two.)
- Gaining the trust of the victim
- Denying the victim access to a server or service
- Compelling the victim to act, such as instilling a sense of urgency
- Stealing the victim’s credentials by watching them as they log in
- Breaching the victim’s computer by exploiting a weakness in an application
Which step is the final action in the threat intelligence process?
- Identifying which threats must be mitigated
- Providing feedback and a review of lessons learned
- Eliminating threats
- Disseminating threat information
Which expression would best qualify as threat intelligence?
- A list of malicious IP addresses and domain names
- Security implications and actionable advice
- News of a cyberattack on another organization’s network
- Data feeds from a Security Information and Event Manager (SIEM)
Which bad actor type prefers ransomware as an attack method?
- Cyber extortionist
- Cyber terrorist
- Cybercriminal
- Cyber warrior
What is a benefit of using MITRE ATT@CK?
- Provides a common taxonomy for understanding and mitigating cyberattacks
- Supplies superior services at a lower cost than its competitors
- Presents more cyber attack details than other methods, such as Cyber Kill Chain
- Offers off-the-shelf security software solutions
Which sequence of a Cyber Kill Chain show the events occurring in the correct order?
- Reconnaissance, delivery, weaponization, exploitation, installation, command and control, exfiltration
- Weaponization, reconnaissance, delivery, exploitation, installation, command and control, exfiltration
- Weaponization, reconnaissance, delivery, installation, exploitation, command and control, exfiltration
- Reconnaissance, weaponization, delivery, exploitation, installation, command and control, exfiltration
Manipulating people to do something contrary to their interests is an example of which cybersecurity threat category?
- Malware
- System design failure
- Social engineering
- Unauthorized access
Which three requisite qualities must information have for it to be threat intelligence? (Choose three.)
- Detailed
- Contextual
- Actionable
- Timely
- Relevant
Which cybersecurity threat category would a trojan horse be an example of?
- Malware
- Unauthorized access
- Social engineering
- System design failure
Which hacker type is someone employed by a computer security consulting firm who could be hired to do penetration testing?
- Green hat
- Black hat
- Grey hat
- Blue hat
