Week 7 Q's Flashcards

1
Q

What is the primary purpose of the MITRE ATT&CK framework?

a. To identify potential vulnerabilities in software and hardware
b. To map tactics and techniques used by threat actors in cyber attacks
c. To create a standardized methodology for threat hunting
d. To provide a framework for secure software development

A

B

2
Q

What is the difference between the MITRE ATT&CK framework and a threat intelligence platform?

a. A threat intelligence platform provides real-time threat data, while the MITRE ATT&CK framework is a static framework.
b. The MITRE ATT&CK framework provides detailed information on attack techniques, while a threat intelligence platform focuses on threat actors and their motivations.
c. The MITRE ATT&CK framework is designed for use by security analysts, while a threat intelligence platform is designed for use by executives and management.
d. There is no difference; the terms are interchangeable.

A

B

3
Q

Which of the following best describes the “mitigation” phase in the MITRE ATT&CK framework?

a. Identifying and blocking potential attack vectors
b. Investigating and analyzing security incidents
c. Detecting and containing attacks in progress
d. Responding to and recovering from successful attacks

A

A

4
Q

What is the purpose of the “information gathering” phase in the MITRE ATT&CK framework?

a. To identify potential targets for an attack
b. To gather intelligence on an organization’s security posture
c. To identify potential vulnerabilities in a target system
d. To gather information about the target’s physical location

A

B

5
Q

Which of the following is a technique used in the “credential access” phase of the MITRE ATT&CK framework?

a. Brute force password cracking
b. SQL injection attacks
c. Social engineering attacks
d. Cross-site scripting (XSS) attacks

A

A

6
Q

Which of the following is a tactic used in the “command and control” phase of the MITRE ATT&CK framework?

a. Reconnaissance
b. Lateral movement
c. Execution
d. Communication

A

D

7
Q

What is the purpose of the “persistence” phase in the MITRE ATT&CK framework?

a. To establish a foothold in a target system
b. To escalate privileges on a target system
c. To evade detection by security tools
d. To exfiltrate data from a target system

A

A

8
Q

Which of the following is a technique used in the “exfiltration” phase of the MITRE ATT&CK framework?

a. Remote access Trojan (RAT)
b. Denial of Service (DoS) attacks
c. Distributed Denial of Service (DDoS) attacks
d. Man-in-the-middle (MITM) attacks

A

A

9
Q

Which of the following best describes the “impact” phase in the MITRE ATT&CK framework?

a. The phase where the attacker attempts to cover their tracks and erase evidence of their activity
b. The phase where the attacker causes damage to the target system or organization
c. The phase where the attacker attempts to evade detection by security tools
d. The phase where the attacker establishes a persistent presence in the target system

A

B

10
Q

Which of the following is a tactic used in the “defense evasion” phase of the MITRE ATT&CK framework?

a. Data obfuscation
b. Remote code execution
c. Network reconnaissance
d. Privilege escalation

A

A

11
Q

What is the purpose of the “execution” phase in the MITRE ATT&CK framework?

a. To establish a foothold in a target system
b. To execute malware or other malicious code on a target system
c. To move laterally within a target environment
d. To exfiltrate data from a target system

A

B

12
Q

Which of the following is a technique used in the “lateral movement” phase of the MITRE ATT&CK framework?

a. Remote access Trojan (RAT)
b. Phishing attacks
c. Port scanning
d. Pass-the-hash attacks

A

D

13
Q

Which of the following is a tactic used in the “reconnaissance” phase of the MITRE ATT&CK framework?

a. Exploitation
b. Privilege escalation
c. Data exfiltration
d. Active scanning

A

D

14
Q

Which of the following is a technique used in the “collection” phase of the MITRE ATT&CK framework?

a. Keylogging
b. Cross-site scripting (XSS) attacks
c. Port scanning
d. SQL injection attacks

A

A

15
Q

Which of the following is a tactic used in the “initial access” phase of the MITRE ATT&CK framework?

a. Exploitation
b. Lateral movement
c. Execution
d. Persistence

A

A

16
Q

What is the purpose of the “impact” phase in the MITRE ATT&CK framework?

a. To establish a foothold in a target system
b. To cause damage to the target system or organization
c. To evade detection by security tools
d. To exfiltrate data from the target system

A

B

17
Q

Which of the following is a technique used in the “privilege escalation” phase of the MITRE ATT&CK framework?

a. Pass-the-hash attacks
b. SQL injection attacks
c. Distributed Denial of Service (DDoS) attacks
d. Cross-site scripting (XSS) attacks

A

A

18
Q

What is the purpose of the “exfiltration” phase in the MITRE ATT&CK framework?

a. To establish a foothold in a target system
b. To cause damage to the target system or organization
c. To evade detection by security tools
d. To steal data from the target system

A

D

19
Q

Which of the following is a tactic used in the “defense evasion” phase of the MITRE ATT&CK framework?

a. Exploitation
b. Data obfuscation
c. Credential access
d. Collection

A

B

20
Q

What is the purpose of the “discovery” phase in the MITRE ATT&CK framework?

a. To identify potential targets for an attack
b. To gather intelligence on an organization’s security posture
c. To identify potential vulnerabilities in a target system
d. To gather information about the target’s physical location

A

C