Q. Which expression would best qualify as threat intelligence?
Select one:
- A list of malicious IP addresses and domain names
- Data feeds from a Security Information and Event Manager (SIEM)
- Security implications and actionable advice
- News of a cyberattack on another organization’s network
Q. Which three requisite qualities must information have for it to be threat intelligence? (Choose three.)
Select one or more:
- Relevant
- Detailed
- Actionable
- Contextual
- Timely
Q. Which hacker type is someone employed by a computer security consulting firm who could be hired to do penetration testing?
Select one:
- Blue hat
- Black hat
- Grey hat
- Green hat
Q. Which bad actor type is motivated by notoriety?
Select one:
- Adventurer
- Cyber terrorist
- Cybercriminal
- Explorer
Q.Which step is the final action in the threat intelligence process?
Select one:
- Identifying which threats must be mitigated
- Disseminating threat information
- Providing feedback and a review of lessons learned
- Eliminating threats
Q. Which two attack vector categories characterize a ransomware attack? (Choose two.)
Select one or more:
- Computer technology
- Human
- Post-exploit
- Pre-exploit
Q. What are the two ingredients of a successful social engineering attack? (Choose two.)
Select one or more:
- Breaching the victim’s computer by exploiting a weakness in an application
- Gaining the trust of the victim
- Denying the victim access to a server or service
- Stealing the victim’s credentials by watching them as they log in
- Compelling the victim to act, such as instilling a sense of urgency
Q. Which standard develops a common language for cyberthreat information?
Select one:
- Common vulnerability scoring system (CVSS)
- Structured threat information expression (STIX)
- Cyberthreats vernacular (CTV)
- MITRE ATT&CK
Q. Which bad actor type is motivated by ideology?
Select one:
- Cyber ideologue
- Hacktivist
- Cyber warrior
- Explorer
Q. Manipulating people to do something contrary to their interests is an example of which cybersecurity threat category?
Select one:
- Social engineering
- System design failure
- Unauthorized access
- Malware
80% 넘으면 Pass니까 위에 참고해서 파이팅합시다!
틀린 부분있으면 알려주세요 바로 수정하겠습니다!
[FCF] Threat Landscape - Module 2 : The Threat Landscape (위협 환경)
[FCF] Threat Landscape - Module 2 : The Threat Landscape (위협 환경)
A. 위협 환경1. 위협 환경(Threat Landscape)이란? 위협 환경은 특정 컨텍스트 또는 도메인의 위협 모음이며 위협의 가해자, 즉 악의적인 행위자(Bad Actors)에 대한 정보를 포함합니다. 사이버 보안의
infoofit.tistory.com
[FCF] Threat Landscape - Module 3 : Quesion&Answer
[FCF] Threat Landscape - Module 3 : Quesion&Answer
Q. Which attack vector does an influence campaign rely upon? Select one: - Messaging service - Zero-trust software exploit - Email - Social media Q. Which threat indicator could be an indication of an active insider threat? Select one: - An open pot of
infoofit.tistory.com