Test 6 Flashcards
Which of the following answers can be used to describe self-signed digital certificates? (Select 3 answers)
Not trusted by default by web browsers and other applications
Used in trusted environments, such as internal networks and development environments
Not backed by a well-known and trusted third party
A self-signed digital certificate is also referred to as:
Third-party digital certificates, issued by trusted CAs, are automatically trusted by most browsers and operating systems, involve a cost, and require validation of the applicant’s identity. In contrast, self-signed certificates, issued by the entity to itself, are not automatically trusted, are free to create and use, and do not require validation by a CA.
True
In the context of digital certificates, the term “Root of trust” refers to the highest level of trust within a PKI system. It is typically represented by a root CA, which is a trusted third party that serves as the foundation for the entire PKI. All other entities in the PKI hierarchy, including intermediate CAs and end-entities (such as web servers, email servers, user devices, IoT devices, and individual users), derive their trust from this root. When a certificate is issued and signed by an intermediate CA, it gains trust through a chain of trust back to the root CA. This hierarchical trust model allows users and systems to trust certificates presented by websites, services, or individuals because they can trace the trust back to the well-established root of trust.
True
Which of the answers listed below refers to a PKI trust model?
Single CA model
Hierarchical model (root CA + intermediate CAs)
Mesh model (cross-certifying CAs)
Web of trust model (all CAs function as root CAs)
Chain of trust model (multiple CAs in a sequential chain)
Bridge model (cross-certifying between separate PKIs)
Hybrid model (combining aspects of different models)
Which of the following answers refers to a cryptographic file generated by an entity requesting a digital certificate from a CA?
CSR
A type of digital certificate that can be used to secure multiple subdomains within a primary domain is known as:
Wildcard certificate
Which digital certificate type can be used to secure multiple domain names or subdomains with a single certificate?
Subject Alternative Name (SAN) certificate
Which of the answers listed below refers to an identifier used for PKI objects?
OID
In IT security, the term “Shadow IT” is used to describe the practice of using IT systems, software, or services within an organization without the explicit approval or oversight of the organization’s IT department.
True
Choose an answer from the drop-down list on the right to match a threat actor type on the left with its common attack vector attribute.
Nation-state: External
Unskilled attacker: Internal/External
Hacktivist: External
Insider threat: Internal
Organized crime: External
Shadow IT: Internal
Match each threat actor type with its corresponding resources/funding attribute.
Nation-state: High resources and funding
Unskilled attacker: Low resources and funding
Hacktivist: Low to medium resources and funding
Insider threat: Low to high resources and funding
Organized crime: Medium to high resources and funding
Shadow IT: Low to medium resources and funding
Assign the level of sophistication attribute to each threat actor type listed below.
Nation-state: High level of sophistication
Unskilled attacker: Low level of sophistication
Hacktivist: Low to medium level of sophistication
Insider threat: Low to high level of sophistication
Organized crime: Medium to high level of sophistication
Shadow IT: Low to medium level of sophistication
From the drop-down list on the right, select the typical motivations behind the actions of each threat actor type.
Nation-state: Espionage, political/philosophical beliefs, disruption/chaos, war
Unskilled attacker: Disruption/chaos, financial gain, revenge
Hacktivist: Ethical beliefs, philosophical/political beliefs, disruption/chaos
Insider threat: Revenge, financial gain, service disruption
Organized crime: Financial gain, data exfiltration, extortion
Shadow IT: Convenience, lack of awareness of security risks, meeting specific needs
Which of the following terms is used to describe sophisticated and prolonged cyberattacks often carried out by well-funded and organized groups, such as nation-states?
APT
An attack surface is the sum of all the potential points (vulnerabilities) through which an attacker can interact with or compromise a system or network, indicating the overall exposure to potential threats. Examples of attack surfaces include software, hardware, and network interfaces with known security flaws. A threat vector represents the method or means through which a cyber threat is introduced or delivered to a target system. It describes the pathway or avenue used by attackers to exploit vulnerabilities. Common threat vector types include phishing emails, malware, drive-by downloads, and social engineering techniques.
True
Which of the answers listed below refers to an email-based threat vector?
Spoofing
Phishing
BEC attacks
Malicious links
Malware attachments
Which of the following terms refers to a threat vector commonly associated with SMS-based communication?
Smishing
Which of the answers listed below refers to an example of a potential threat vector in IM-based communication?
Phishing attack
Malware distribution
Spoofing attack
Eavesdropping
Account hijacking
Malicious link/attachment
Which of the following answers refer to examples of image-based threat vectors? (Select 3 answers)
Steganography
Image spoofing (deepfakes)
Malware-embedded images
Which of the answers listed below refers to a file-based threat vector?
PDF exploits
Malicious macros in documents
Compressed files (ZIP, RAR)
Malicious scripts in web pages
Infected images
Malicious executables
Which of the following answer choices is an example of a threat vector type that is typical for voice communication?
Vishing
Examples of threat vectors directly related to the use of removable devices include: (Select 2 answers)
Malware delivery
Data exfiltration
Which of the answers listed below refer(s) to client-based software threat vector(s)? (Select all that apply)
Drive-by download via web browser
Malicious macro
USB-based attack
Infected executable file
Malicious attachment in email application
Which of the following answers refer to agentless software threat vectors? (Select 2 answers)
Network protocol vulnerability
Packet sniffing