google_cyberpunk_20240321024757

Question 1

Maleware

Answer 1

A software designed to harm devices or networks

Question 2

Virus

Answer 2

A malware program that modifies their computer programs by inserting its own code to damage and/or destroy data

Question 3

Worm

Answer 3

Malware that self - replicates spreading across the network and infecting computers

Question 4

Ransomware

Answer 4

A malicious attack during which threat actors encrypt an organization’s data and demands payment to restore access

Question 5

Spyware

Answer 5

Malicious software installed on a users computer without their permission, which is used to spy on and steal user data

Question 6

Phishing

Answer 6

The use of digital communications to trick people into revealing sensitive data or deploying malicious software

Question 7

Spear phishing

Answer 7

A malicious email attack targeting a specific user or group of users that appears to originate from a trusted source

Question 8

Whaling

Answer 8

A form of spear phishing during which threat actors target executives in order to gain access to sensitive data

Question 9

Business email compromise (BEC)

Answer 9

An attack in which a threat actor impersonates a known source to obtain a financial advantage

Example of: Phishing

Question 10

Vishing

Answer 10

The exploitation of electronic voice communication to obtain sensitive information or to impersonate a known source

Question 11

Social engineering

Answer 11

A manipulation technique that exploits human error to gain unauthorized access to sensitive, private, and/or valuable data

Question 12

Social media phishing

Answer 12

An attack in which a threat actor collects detailed information about their target on social media sites before initiating an attack

Example of: Social engineering

Question 13

Watering hole attack

Answer 13

An attack in which a threat actor compromises a website frequently visited by a specific group of users

Example of: Social engineering

Question 14

Physical social engineering

Answer 14

An attack in which a threat actor impersonates an employee, customer, or vendor to obtain unauthorized access to a physical location

Example of: Social engineering

Question 15

USB baiting

Answer 15

An attack in which a threat actor strategically leaves a malware USB stick for an employee to find and unknowingly infect a network

Example of: Social engineering

Question 16

1 - Security and Risk Management

Answer 16

defining security goals and objectives, risk mitigation, compliance, business continuity, and the law

Question 17

2 - Asset Security

Answer 17

securing digital and physical assets

Question 18

3 - Architecture and engineering

Answer 18

optimizing data security by ensuring effective tools, systems, and processes are in place

Question 19

4 - Communication and network security

Answer 19

managing and securing physical networks and wireless communications

Question 20

5 - Identity and access management,

Answer 20

Identity and access management focuses on keeping data secure, by ensuring users follow established policies to control and manage physical assets, like office spaces, and logical assets, such as networks and applications

Question 21

6 - Security assessment and testing,

Answer 21

conducting security control testing, collecting and analyzing data, and conducting security audits to monitor for risks, threats, and vulnerabilities

Question 22

7 - Security operations, and software development security.

Answer 22

investigations and implementing preventative measures

Question 23

8 - Software development security.

Answer 23

Secure coding practices, which are a set of recommended guidelines that are used to create secure applications and services.

Question 24

Antivirus software

Answer 24

A software program used to prevent, detect, and eliminate malware and viruses

Question 25

Security information and event management (SIEM)

Answer 25

An application that collects and analyzes log data to monitor critical activities in an organization

Question 26

Splunk

Answer 26

`A data analysis platform

Question 27

Chronicle

Answer 27

is a cloud-native SIEM tool that stores security data for search and analysis. Cloud-native means that Chronicle allows for fast delivery of new features.

Question 28

Network protocol analyzer (packet sniffer)

Answer 28

A tool designed to capture and analyze data traffic within a network

Question 29

chain of custody playbook

Answer 29

process of documenting evidence possession and control during an incident lifecycle

Question 30

protecting and preserving evidence playbook

Answer 30

properly working with fragile and volatile digital evidence

Question 31

order of volatility

Answer 31

a sequence outlining the order of data that must be preserved from first to last