Tingnan ang lahat ng mga set ng pag-aaral

Quiz: Module 02 Threat Management and Cybersecurity Resources

Pataasin ang iyong marka sa homework at exams ngayon gamit ang Quizwiz!

Which premise is the foundation of threat hunting? a. Threat actors have already infiltrated our network. b. Pivoting is more difficult to detect than ever before. c. Attacks are becoming more difficult. d. Cybercrime will only increase.

a. Threat actors have already infiltrated our network.

Which of the following can automate an incident response? a. SIEM b. SOSIA c. SOAR d. CVCC

c. SOAR

Which of the following are developed by established professional organizations or government agencies using the expertise of seasoned security professionals? a. Regulations b. White papers c. Benchmarks d. Legislation

a. Regulations

Which of the following is NOT an advantage of crowdsourced penetration testing? a. Faster testing b. Ability to rotate teams c. Conducting multiple tests simultaneously d. Less expensive

d. Less expensive

Which is the final rule of engagement that would be conducted in a pen test? a. Exploitation b. Cleanup c. Communication d. Reporting

d. Reporting

What are documents that are authored by technology bodies employing specialists, engineers, and scientists who are experts in those areas? a. Blue papers b. White notebooks c. Cybersecurity feeds d. Requests for comments (RFCs)

d. Requests for comments (RFCs)

Which of the following is not something that a SIEM can perform? a. Incident response b. User behavior analysis c. Log aggregation d. Sentiment analysis

a. Incident response

Which of the following is a standard for the handling of customer card information? a. PCI DSS b. OSS XRS c. RMR CDC d. DRD STR

a. PCI DSS

What penetration testing level name is given to testers who have no knowledge of the network and no special privileges? a. Purple box b. Black box c. White box d. Gray box

b. Black box

Linnea has requested to be placed on the penetration testing team that scans for vulnerabilities to exploit them. Which team does she want to be placed on? a. Red Team b. White Team c. Purple Team d. Blue Team

a. Red Team

When researching how an attack recently took place, Nova discovered that the threat actor, after penetrating the system, started looking to move through the network with their elevated position. What is the name of this technique? a. Squaring up b. Twirling c. Jumping d. Lateral movement

d. Lateral movement

What is another name for footprinting? a. Active reconnaissance b. High-level reconnaissance c. Modeling d. Revealing

a. Active reconnaissance

Which of the following is NOT a characteristic of a penetration test? a. Automated b. Finds deep vulnerabilities c. May use internal employees or external consultants d. Performed occasionally

a. Automated

Which group is responsible for the Cloud Controls Matrix? a. CSA b. OSINT c. NIST d. CIS

a. CSA

Tilde is working on a contract with the external penetration testing consultants. She does not want any executives to receive spear-phishing emails. Which rule of engagement would cover this limitation? a. Scope b. Limitations and exclusion c. Targets d. Exploitation

a. Scope

Tuva's supervisor wants to share a recent audit outside the organization. Tuva warns him that this type of audit can only be read by those within the organization. What audit does Tuva's supervisor want to distribute? a. SSAE SOC 3 Type IV b. SSAE SOC 2 Type II c. SSAE SOC 2 Type III d. SSAE SOC 3.2 Type X

b. SSAE SOC 2 Type II

Which ISO contains controls for managing and controlling risk? a. ISO 271101 b. ISO 27555 c. ISO 31000 d. ISO XRS

c. ISO 31000

Lykke's supervisor is evaluating whether to use internal security employees to conduct a penetration test. Lykke does not consider this a good idea and has created a memo with several reasons they should not be used. Which of the following would NOT be part of that memo? a. The employees could have inside knowledge of the network that would give them an advantage. b. There may be a lack of expertise. c. They would have to stay overnight to perform the test. d. Employees may have a reluctance to reveal a vulnerability.

c. They would have to stay overnight to perform the test.

Ebba has received a new initiative for her security team to perform an in-house penetration test. What is the first step that Ebba should undertake? a. Budgeting b. Documentation c. Approval d. Planning

d. Planning

Which of the following is NOT a general information source that can provide valuable in-depth information on cybersecurity? a. Local industry groups b. Conferences c. Vendor websites d. Twitter

Quiz: Module 02 Threat Management and Cybersecurity Resources

Kaugnay na mga set ng pag-aaral

Math 1201 chapter 4

Peds Exam 2

Chapter 52: Assessment and Management of Patients with Breast Disorders

Agronomy 280

Special Days in May

OB Success: Intrapartum

EXAM 4 :NSAIDS and ANALGESICS

2.2.6

Chapter 1 (Epigenetics)

most common portuguese words

Respiratory Function

Nutrition Chapter 2: Tools of a Healthy Diet

Wilson's 14 points

POS2041 - Exam 1 Study Guide - Chps 1-3

FAM 4440 Chapter 1

What are compounds?

ACCT 210 SDSU Chapter 6

Biology Unit 7 Test Review

GSC199

Q Bank Unit 14