Security+ Chapter 2

Pataasin ang iyong marka sa homework at exams ngayon gamit ang Quizwiz!

TAXII

Cindy wants to send threat information via a standardized protocol specifically designed to exchange cyber threat information. What should she choose?

Insider Hacktivists

Edwards Snowden was a government contractor who disclosed sensitive government documents to journalists to uncover what he believed were unethical activities. Which two of the following best describes Snowdens activates?

Supply Chain

Greg believe that an attacker may have installed malicious firmware in a network device before it was provided yo his organization by the supplier. What type of threat vector best describes this attacl?

Internet RFCs

Ken is conducting threat research on Transport Layer Security (TLS) and would like to consult the authoritative reference for the protocols technical specification. What resource would best be meet his needs?

White Hat

Kolin is a penetration tester who works for a cybersecurity company. His firm was hired to conduct a penetration test against a health-care system, and Kolin is working to gain access to the systems belonging to a hospital in that system. What term best describes Kolin's work.

Email

Of the threat vectors listed here, which one is most commonly exploited by attackers who are at a distant location?

Gray Hat

Person who may violate ethical standards or principles, but without the malicious intent ascribed to black hat hackers

Unavailability of future patches

Toms's organization recently learned that the vendor is discontinuing support for their customer relationship management (CRM) system. What should concern Tom the most from a security perspective?

Shadow IT

Ursula recently discovered that a group of developers are sharing information over a messaging tool provided by a cloud vendor but not sanctioned by her organization. What term best describes this use of technology?

IoC

Vince recently received the hash values of malicious software that several industry found installed on their systems after a compromise. What term best describes this information?

API keys

Wendy is scanning cloud-based repositories for sensitive information. Which one of the following should concern her most, is discovered in a public repository?

XML

What language is STIX based on?

ISACs

What organization did the U.S. government help create to help share knowledge between organizations in specific verticals?

Behavioral

What type of assessment is particularly useful for identifying insider threats?

Detail

Which of the following is not commonly used to assess threat intelligence?

anonymous

Which of the following is the best example of a hacktivist group?

Nation-state actors

Which of the following threat actors typically has the greatest access to resources?

Threat map

Which of the following threat research tools is used to visually display information about the location of threat actors?

Nation-state actor

Which one of the following attackers is most likely to be associated with an APT?

Port scans

Which one of the following information sources would not be considered an OSINT source?


Kaugnay na mga set ng pag-aaral

MEGA Elementary Education Multi-Conent Subtest I - Practice Test

View Set

Biol 3840: Chp 19 - Arthropods, Chelicerates, and Myriapods

View Set

Chapter 17: FUNCTION OF THE HEART

View Set

Abeka 7th Grade Reading Quiz H English

View Set

C165 - integrated science + Physics

View Set

Cognitive psychology chapter 5 self test quiz

View Set