sábado, 2 de março de 2024

FCF - Introduction to the Threat Landscape 2.0 Self-Paced

 

Grade88 out of 100
Feedback

Congratulations, you passed!

Question 1

Correct
1 points out of 1

Question text

Which attack vector does an influence campaign rely upon?
Select one:
Social media
Messaging service
Email
Zero-trust software exploit

Question 2

Correct
1 points out of 1

Question text

Which two reasons explain why influence campaigns are often effective?
Select one or more:
The bad actor can remain anonymous using fake accounts
Social media offers an inexpensive means to influence a large number of people
Blackmail and bribery are effective in influencing people’s behavior
People are known to respond favorably to a well-reasoned argument

Question 3

Correct
1 points out of 1

Question text

Select one:
Zero-day attack
Quid pro quo
Psychological manipulation
Exploiting computer weaknesses

Question 4

Correct
1 points out of 1

Question text

What objective is accomplished by the last two stages of an influence campaign?
Select one:
Access to the target’s network
Amplification of the message
Theft of information or money
Clarification of the narrative

Question 5

Correct
1 points out of 1

Question text

Select one:
Two employees disagree on the interpretation of a security policy
An open pot of honey is suspiciously left on a kitchen countertop
An employee shows contempt for an organization’s policies
A USB drive is found abandoned in an organization’s parking lot

Question 6

Correct
1 points out of 1

Question text

Which description best explains pharming?
Select one:
Cultivating trust between a bad actor and the target through chance encounters
Exploiting an unknown vulnerability in computer software
Computer traffic redirected from a legitimate website to a malicious one
Recruiting employees through various means to carry out an insider attack

Question 7

Correct
1 points out of 1

Question text

What type of insider threat is an individual who believes they are exempt from their organization’s security policies and bypasses them?
Select one:
Pawn
Lone wolf
Goof
Collaborator

Question 8

Incorrect
0 points out of 1

Question text

Which two insider types are considered malicious insider threats? (Choose two.)
Select one or more:
Lone wolves
Pawns
Moles
Rats

FCF - Introduction to the Threat Landscape 2.0 Self-Paced

 

Grade100 out of 100
Feedback

Congratulations, you passed!

Question 1

Correct
1 points out of 1

Question text

What is the mechanism part of an attack vector in a DDoS attack?
Select one:
Bots
Routers
Public IP address
Web service

Question 2

Correct
1 points out of 1

Question text

Select one or more:
Failing hard drive
Sudden degraded performance
OS updates automatically
Self-executing programs

Question 3

Correct
1 points out of 1

Question text

Which statement best describes an attack surface?
Select one:
The total number of bad actors
The method to exploit a vulnerability
The sum of vulnerabilities
The number of pathways to a vulnerability

Question 4

Correct
1 points out of 1

Question text

Select one:
A program that “lays an egg”, in effect producing a malicious app.
A set of instructions that executes a command to take control of a computer.
A hidden feature in code that may be activated for malicious purposes.

Question 5

Correct
1 points out of 1

Question text

What type of malware do these characteristics describe?
·         User activated
·         Malware inserts or attaches itself to legitimate programs
·         Spreads to other computers
Select one:
Rootkit
Keylogger
Virus

FCF - Introduction to the Threat Landscape 2.0 Self-Paced

 

Points8/10
Grade82 out of 100
Feedback

Congratulations, you passed!

Question 1

Correct
1 points out of 1

Question text

Which sequence of a Cyber Kill Chain show the events occurring in the correct order?
Select one:
Reconnaissance, weaponization, delivery, exploitation, installation, command and control, exfiltration
Weaponization, reconnaissance, delivery, exploitation, installation, command and control, exfiltration
Reconnaissance, delivery, weaponization, exploitation, installation, command and control, exfiltration
Weaponization, reconnaissance, delivery, installation, exploitation, command and control, exfiltration

Question 2

Correct
1 points out of 1

Question text

Select one or more:
Computer technology
Post-exploit
Human
Pre-exploit

Question 3

Correct
1 points out of 1

Question text

Which definition best represents the Cyber Kill Chain?
Select one:
Describes the stages of a cyber attack
Illustrates how a cyber attack is killed
Details how to respond at each stage of a cyber attack
Chronicles the chain reaction of a cyber attack

Question 4

Correct
1 points out of 1

Question text

Manipulating people to do something contrary to their interests is an example of which cybersecurity threat category?
Select one:
Social engineering
Malware
System design failure
Unauthorized access

Question 5

Correct
1 points out of 1

Question text

Which expression would best qualify as threat intelligence?
Select one:
Data feeds from a Security Information and Event Manager (SIEM)
Security implications and actionable advice
A list of malicious IP addresses and domain names
News of a cyberattack on another organization’s network

Question 6

Incorrect
0 points out of 1

Question text

Which step is the final action in the threat intelligence process?
Select one:
Eliminating threats
Identifying which threats must be mitigated
Providing feedback and a review of lessons learned
Disseminating threat information

Question 7

Partially correct
0 points out of 1

Question text

Which three requisite qualities must information have for it to be threat intelligence? (Choose three.)
Select one or more:
Contextual
Relevant
Actionable
Detailed
Timely

Question 8

Correct
1 points out of 1

Question text

Which bad actor type prefers ransomware as an attack method?
Select one:
Cyber warrior
Cybercriminal
Cyber terrorist

Question 9

Correct
1 points out of 1

Question text

Which system or organization assigns a severity score to help you identify the most dangerous cyberthreats to your organization?
Select one:
Cyberthreat rating system unanimous (CRSU)
Federal Bureau of Investigation (FBI)
National Institute of Standards and Technology (NIST)
Common vulnerability scoring system (CVSS)

Question 10

Correct
1 points out of 1

Question text

Which standard develops a common language for cyberthreat information?
Select one:
Cyberthreats vernacular (CTV)
MITRE ATT&CK
Common vulnerability scoring system (CVSS)
Structured threat information expression (STIX)