Practice Test: Module 01 Introduction to Security
Which of the following describes state actors using advanced tools to infect a system to silently and slowly extract data?
Advanced persistent threat (APT)
Unsecure protocols are classified as which type of vulnerability?
Configuration vulnerability
Recently, a computerized electrical power supply unit failed due to a cyberattack. This resulted in a power grid disruption for an entire region of the country. In your study on the attack, how should you categorize the threat actor(s)?
Cyberterrorist
Which of the following is a social engineering attack that uses social media and other sources to achieve its goal?
Hybrid warfare influence campaign
What is it called when a threat actor takes information for the purpose of impersonating someone?
Identity theft
MegaCorp is a multinational enterprise. Their customer payment files were recently stolen and sold on the black market. Customers have reported that their credit cards are being charged for fraudulent purchases made in countries where they do not live and have never been. What is the most likely impact on MegaCorp from this attack?
Reputation loss
A threat actor employed by the victimized organization is referred to as which of the following?
Shadow IT
Over the last few years, an organization has brought up the need to replace old systems. While the organization has made these old systems function with various workarounds, custom middleware applications, and other methods to make up for their shortcomings, it has become increasingly apparent that they need to be replaced soon.
The age of the systems means they run on outdated OSs that are no longer supported, making security updates impossible to install.
A weakest link vulnerability can be caused by mismanagement of which of the following?
Vendor management
Your company's Accounts Payable department reports that an invoice was marked as paid, but the vendor has shown proof they never received any of the $783,296 payment. Accounts Payable confirms that the amount was deducted from the company's accounts, but the recipient account number does not match the vendor's. After an investigation, you discover that the invoice was paid by the Chief Financial Officer. He says he paid the invoice after receiving an after-hours, past-due invoice from the vendor claiming that they would be filing a civil action in court the next morning. Rather than wait for Accounts Payable to come in the next day and verify the invoice date, the CFO immediately paid the full amount.
Whaling
