Ucertify 2

Réussis tes devoirs et examens dès maintenant avec Quizwiz!

Malena works as a cybersecurity analyst in an XYZ company. Her company assigned her to investigate threats using the threat intelligence cycle. Using this process, she started her work by assessing what kinds of security breaches or compromises her company has faced and according to intelligence requirements, she started collecting data from threat intelligence sources. What should be Malena's next step in the given scenario?

Data processing and analysis

Sia works as a cybersecurity analyst at an ABC organization. Her organization uses Lockheed Martin's Cyber Kill Chain process for defenders' model attacks and appropriate defenses. Using this process, she started identifying a target and then created tools to exploit vulnerabilities. What would be Sia's next step in the given scenario?

Delivering of weapons to a target

Alaina discovers that her company's website has defaced with a political message. Which type of threat actor is most likely to occur on her company's website in the given scenario?

Hacktivist

Which type of threat actor includes organizations like anonymous that target governments and businesses for political reasons?

Hacktivists

The United States has threat intelligence sharing centers for major areas like healthcare, aviation, and finance. What are these centers called?

ISAC

Which of the following stages of the Lockheed Martin's Cyber Kill Chain process focuses on persistent backdoor access for attackers?

Installation

Which level of intelligence provides broad information about threats and threat actors, allowing organizations to understand and respond to trends?

Strategic intelligence

Cyn works as a cybersecurity analyst. She wants to send threat information via a standardized protocol specifically designed to exchange cyber threat information. Which of the following should Cyn choose to exchange cyber threat information in the given scenario?

TAXII

Which of the following is specifically designed to support Structured Threat Information Expression (STIX) data exchange?

TAXII

James works as a security analyst in an organization. He wants to select a threat framework for his organization. He preferred a framework that includes steps to identify victims, capabilities, and infrastructure of a cybersecurity event. Which of the following would be James's best choice as per his preferences?

The Diamond Model of Intrusion Analysis

Which of the following threats are nation state-sponsored organizations with significant resources and capabilities and provide the highest level of threat on the adversary tier list?

APTs

Gabby, a cybersecurity analyst, wants to select a threat framework for her organization. She identifies that threat actor tactics in a standardized way is an important part of her selection process. Which threat model would be her best choice for the selection process in the given scenario?

ATT&CK

You work as a security analyst in an organization. You need to select a threat framework for your organization and mainly want threat actor tactics to be in a normalized way. Which threat model would be your best choice for selection in the given scenario?

ATT&CK

Jason works as a security analyst in an organization. He gathers threat intelligence information that explains to him about an adversary which is considered as a threat in his organization. The adversary likes to use USB key drops to compromise their targets. Which of the following options is specified in the given scenario?

An attack vector

Which type of assessment is particularly useful for identifying insider threats?

Behavioral

Which term describes scores that allow organizations to filter and use threat intelligence based on the amount of trust they can give?

Confidence

While engaging in an attack, an attacker sends an email message to the targeted victim that contains malicious software as an attachment. Which phase of the Cyber Kill Chain is occurring in the given scenario?

Delivery

Which of the following measures is not commonly used to assess threat intelligence?

Detail

On which of the following languages is STIX based?

Extensible Markup Language

Which of the organizations did the U.S. government help in sharing threat information to infrastructure owners and operators?

ISACs

Which of the following statements is not true about ATT&CK matrices?

Include metadata like the author, the name of the IOC, and a description.

Which of the following type of threat assessment data uses forensic evidence or data?

Indicators of compromise

The following figure signifies the Diamond Model of Intrusion: Figure A: The Diamond Model of Intrusion What does the question mark symbol represent on each vertex of the given figure?

Infrastructure and capability

Roma works as a penetration tester in an organization. She is performing a penetration test for a customer and identifies a client machine that is downloading the contents of the customer database, which stores the customer's intellectual property. After that, she also identifies an employee who is exporting the downloaded data to a USB drive. Which type of threat actor is being referred to in the given scenario?

Insider threat

Which phase of the Cyber Kill Chain process includes the creation of persistent backdoor access for attackers?

Installation

Which of the following is the common criticism of the Cyber Kill Chain model?

It includes actions outside a defended network.

Which security company creates and provides a base set of indicators of compromise (IOC) used by OpenIOC?

Mandiant

Which of the following threat actors are often associated with advanced persistent threat (APT) organizations?

Nation-state actors

Which of the following threat actors typically has the greatest access to resources?

Nation-state actors

What term describes information from publicly available sources used for intelligence purposes?

OSINT

Sam works as a security analyst in an XYZ company. He sends threat intelligence information to his manager in a machine-readable format so that the manager can verify it. In that format, Mandiant's indicators are used by Sam for the base framework. Which format did Sam use in the given scenario?

OpenIOC

Jack received an unknown call from a girl saying that she is a customer executive calling from an XYZ bank. She informed Jack that he won a prize of $2000 and the same amount will be transferred to his account as he is one of the prime customers of this bank. For this amount transfer, she requested Jack to confirm his debit card details. In the given scenario, the girl is playing which threat actor role?

Organized crime

Which of the following is not a common technique used to defend against command and control (C2) capabilities deployed by attackers?

Patching against zero-day attacks

Which of the following activities ensures that you have reviewed threats, their causes, and their typical actions and processes?

Profiling threat actors and activities

Which of the following options is frequently conducted in the requirements gathering phase of the intelligence cycle?

Review of security breaches or compromises an organization has faced

Which of the following is a standardized Extensible Markup Language (XML) programming language for conveying data about cybersecurity threats in a common language that can be easily understood by humans and security technologies?

STIX

Which six-category threat classification model developed by Microsoft is used to assess threats in an application?

STRIDE

he Diamond Model of Intrusion Analysis uses four main concepts as part of its threat mapping. Which of the following is not one of those four concepts?

Threat

Which of the following drove the creation of ISACs in the United States?

Threat information sharing for infrastructure owners

Which of the following activities follows threat data analysis in the threat intelligence cycle?

Threat intelligence dissemination

STRIDE, PASTA, and LINDDUN are all examples of ________________.

threat classification tools


Ensembles d'études connexes

Pharmacokinetics Tutorial MCQs PT2201 ./BB

View Set

Pharmacology Ch 87- Aminoglycosides

View Set

BIO 311C Squarecap questions for Exam 2

View Set

PSYCH316-- Chapter 10 Practice Quiz

View Set

constellations and the speed of light

View Set