Management

Question 1

How should words of estimative probability be used in the context of intelligence analysis?

Answer 1

As a relative guide to the level of confidence in a conclusion

Question 2

What is ISO/IEC 27001:2013?

Answer 2

A standard for information security management

Question 3

What is the role of senior management in implementing ISO/IEC 27001:2013?

Answer 3

To provide leadership and support for the implementation of and maintenance of the ISMS

Question 4

What kind of information may executives be more interested in?

Answer 4

High-level risks and potential impact on business

Question 5

What should be included in a cyber threat intelligence report to help the audience understand the severity of the threat?

Answer 5

Context for the information

Question 6

What is the difference between likelihood and impact in a structured risk scale?

Answer 6

Impact refers to the severity of the risk while likelihood refers to the probability of occurrence.

Question 7

How can a structured risk scale be used to communicate risk to stakeholders?

Answer 7

By presenting a clear and concise report

Question 8

What is the main difference between traditional penetration testing and threat led penetration testing?

Answer 8

Traditional testing focuses on exploiting known vulnerabilities while threat led testing incorporates the latest threat intelligence to identify emerging threats and attack techniques

Question 9

What are some of the methods used by testers to gather intelligence during a threat led penetration test?

Answer 9

Analysing public facing websites and social media profiles

Question 10

What is the main goal of a threat led penetration test?

Answer 10

To simulate a real world attack and document potential attack scenarios

Question 11

Which of the following angles are typically considered during threat modelling?

Answer 11

Technical, procedural and human factors.

Question 12

Who within an organisation may not be interested in technical details in a cyber threat intelligence report?

Answer 12

Middle management

Question 13

How can tailoring cyber threat intelligence reports for the right audience enhance the overall security posture of an organisation?

Answer 13

By ensuring the intelligence is acted upon and resources are deployed efficiently

Question 14

What is the benefit of providing clear recommendations in cyber threat intelligence reports?

Answer 14

Creating actionable intelligence

Question 15

T/f a risk matrix is a tool used to prioritise risk based on their likelihood and impact

Answer 15

True

Question 16

T/f cyber threat intelligence analysts do not need to worry about implementing key findings from their disseminated reports

Answer 16

True

Question 17

Threat modelling is a process of identifying potential threats and vulnerabilities that could harm an organisation t/f

Answer 17

True

Question 18

Threat modelling involves ranking potential threats by their severity and likelihood of occurrence t/f

Answer 18

True

Question 19

Organisations should only perform risk assessments when they have already experienced a security breach t/f

Answer 19

False

Question 20

Threat modelling is only relevant for organisations that have a high level of security risk t/f

Answer 20

False

Question 21

Why is tailoring your cyber threat reports important

Answer 21

To ensure that intelligence is acted upon

Question 22

What can the diamond model be used for in a cyber threat intelligence report?
- to provide additional resources
- to provide a standardised format

Answer 22

To provide a standardised format

Question 23

Which of the following factors should be considered when assigning values to risks in a structured scale?
- likelihood and impact of the risk
- location of the risk
- length of the report

Answer 23

Likelihood and impact of the risk

Question 24

What is the benefit of using a standardised risk scale?
- increases likelihood of cyber attacks
- makes it easier to assign values to risks
- enables comparison of risks across organisations

Answer 24

Enables comparison of risks across organisations

Question 25

What is the purpose of documenting findings during a threat led pen test?

Answer 25

To prioritise remediation efforts and improve overall security posture