2 - Cybersecurity Threat Landscape

Question 1

What measures are commonly used to assess threat intelligence?

Answer 1

Timeliness, Accuracy, and Relevance

Question 2

What language is STIX based on?

Answer 2

XML

Question 3

Kolin is a penetration tester. Kolin is working to gain access to a system that belongs to the hospital. What term best describes Kolin’s work?

Answer 3

White Hat (Hacking)

Question 4

What kind of Attack is most likely to be associated with an APT (advanced persistent threat)?

Answer 4

Nation-state Actor

Question 5

What organizations did the U.S. government help create to help share knowledge between organizations in specific verticals?

Answer 5

ISACs

Question 6

Which threat actor typically has the greatest access to resources (time, money, skill)?

Answer 6

Nation-state Actors

Question 7

Which threat vector is most commonly exploited by attackers who are at a distant location?

Answer 7

Email

Question 8

Who is a good example of a hacktivist group?

Answer 8

Anonymous

Question 9

What type of assessment is particularly useful for identifying insider threats?

Answer 9

Behavioral

Question 10

Cindy wants to send threat info via a standardized protocol specifically designed to exchange cyber threat info. What should she use?

Answer 10

TAXII

Question 11

Greg believes an attacker installed malicious firmware in a network device before it was provided to his org by the supplier. What type of threat vector best describes this attack?

Answer 11

Supply Chain

Question 12

Ken is doing threat research on Transport Layer Security (TLS) and would like to consult the authoritative reference for the protocol’s technical specification. What resource would best meet his needs?

Answer 12

Internet RFCs

Question 13

Wendy is scanning cloud-based repositories for sensitive info. What should concern her MOST, if discovered in a public repository?

Answer 13

API Keys

Question 14

What threat research tool is used to visually display info about the location of threat actors?

Answer 14

Threat Map

Question 15

Vince recently received the hash values of malicious software that several other firms in his industry found installed on their compromised systems. What term best describes this info?

Answer 15

IoC

Question 16

Ursula recently discovered that developers are sharing info over a messaging tool provided by a cloud vendor that’s not sanctioned by their org. What term best describes this use of technology?

Answer 16

Shadow IT

Question 17

Tom’s org recently learned that a vendor is discontinuing support for their customer relationship management system. What should concern Tom most from a security perspective?

Answer 17

Unavailability of Future Patches

Question 18

What information sources are considered OSINT sources?

Answer 18

DSN Look-Up Services, Search Engine Research, and WHOIS Queries

Question 19

Edward Snowden was a gov contractor who disclosed sensitive government documents to journalists to uncover what he believe were unethical activities. What terms describe Snowden’s activities from a security perspective?

Answer 19

Insider & Hacktivist

Question 20

Renee is a cybersecurity hobbyist. She discovers that the URLs for her son’s school’s grade-viewing website contain ID numbers in the web addresses. She immediately reports this finding to the principle. What term best describe Renee’s good work?

Answer 20

Gray-hat (Hacking)