Domain 2, Quiz 1 Flashcards
Which of the following threat actors is most likely to be motivated by financial gain?
a. Nation-state
b. Insider threat
c. Hacktivist
d. Organized crime
Organized crime
Organized crime groups are often motivated by financial gain, seeking to profit from their activities.
An employee starts using unauthorized cloud services for storing company data. This is an example of:
a. Organized crime
b. Insider threat
c. Shadow IT
d. Hacktivist
Shadow IT
Shadow IT refers to using unauthorized information technology resources within an organization, which is what the employee is doing in this scenario.
An attacker gains unauthorized access to an organization’s network by exploiting default credentials on a network device. This is an example of a vulnerability in which part of the attack surface?
a. Open service ports
b. Human vectors/social engineering
c. Unsupported systems and applications
d. Default credentials
Default credentials
The scenario specifies that the attacker exploited default credentials, making this the correct answer.
A threat actor who is motivated by philosophical or political beliefs is typically known as a:
a. Unskilled attacker
b. Hacktivist
c. Insider threat
d. Nation-state
Hacktivist
A hacktivist is an individual or group that engages in hacking or cyber-attacks for political or social reasons, which align with philosophical or political beliefs.
Which of the following is a common threat vector used in typosquatting attacks?
a. Misinformation/disinformation
b. Vulnerable software
c. Voice call
d. Removable device
Misinformation/disinformation
Typosquatting is a form of misinformation or disinformation, as it relies on deceiving users into visiting a malicious or deceptive website.
An attacker sends an email to an employee claiming to be from the IT department and requesting the employee to confirm their password. This is an example of:
a. Business email compromise
b. Pretexting
c.Typosquatting
d. Phishing
Phishing
Phishing involves tricking recipients into revealing sensitive information, which is what the attacker is attempting to do in this scenario.
Which of the following threat vectors is most commonly associated with ‘smishing’ attacks?
a. Short Message Service (SMS)
b. Voice call
c. Email
d. Instant messaging (IM)
Short Message Service (SMS)
Smishing is a type of phishing attack that occurs via SMS messages, making SMS the most common threat vector for smishing attacks.
An attacker sends an email to an organization’s employees containing a link to a website that appears to be the organization’s login page but is actually a malicious site controlled by the attacker. This is an example of:
a. Brand impersonation
b. Typosquatting
c. SQL Injection
d. Vishing
Brand impersonation
Brand impersonation involves mimicking a legitimate organization’s branding to deceive individuals, which is what the attacker is doing in this scenario.
What type of threat vector is most commonly associated with ‘vishing’ attacks?
a. Instant messaging (IM)
b. Email
c. Voice call
d. Short Message Service (SMS)
Voice call
Vishing is a type of phishing attack that occurs via voice calls, making voice calls the most common threat vector for vishing attacks.
An attacker impersonates a trusted entity by acting like their internal IT to trick a target into revealing sensitive information over a phone call. What is it called when the user has a cover story for their phone call?
a. Smishing
b. OSINT
c. Pretexting
d. Business email compromise
Pretexting
Pretexting involves creating a fabricated scenario to obtain information or gain access, which is what the attacker is doing in this scenario.
An attacker compromises a legitimate website frequently visited by a specific target group to deliver malware to the users of that site. This is an example of:
a. Watering hole attack
b. Typosquatting
c. Misinformation/disinformation
d. Business email compromise
Watering hole attack
A watering hole attack involves compromising a website frequently visited by a specific target group to deliver malware to that group, which matches the scenario described.
Which of the following is most likely to have the highest level of sophistication and capability?
a. Nation-state
b. Shadow IT
c. Unskilled attacker
d. Hacktivist
Nation-state
Nation-states typically have significant resources and funding, making them likely to have the highest level of sophistication and capability.
Which of the following threat vectors involves registering domains similar to legitimate ones to deceive users?
a. Watering hole
b. Brand impersonation
c. Phishing
d. Typosquatting
Typosquatting
Typosquatting involves registering domains similar to legitimate ones to deceive users, making this the correct answer.
An attacker sends a message to a target’s mobile phone claiming to be from the target’s bank and requesting account details. This is an example of:
a. Business email compromise
b. Smishing
c. Vishing
d. Brand impersonation
Smishing
Smishing is a type of phishing attack that occurs via SMS messages, making SMS the most common threat vector for smishing attacks.
Which threat vector involves misinformation or disinformation?
a. File-based
b. Human vectors/social engineering
c. Vulnerable software
d. Removable device
Human vectors/social engineering
Misinformation/disinformation falls under the category of social engineering techniques that manipulate human behavior.
