[FCF] Threat Landscape - Module 3 : Quesion&Answer

Q. Which attack vector does an influence campaign rely upon?
Select one:

- Messaging service
- Zero-trust software exploit
- Email
- Social media 


Q. Which threat indicator could be an indication of an active insider threat?
Select one:

- An open pot of honey is suspiciously left on a kitchen countertop
- An employee shows contempt for an organization’s policies 
- A USB drive is found abandoned in an organization’s parking lot
- Two employees disagree on the interpretation of a security policy


Q. Which technique most accurately describes social engineering?
Select one:

- Psychological manipulation
- Zero-day attack
- Quid pro quo
- Exploiting computer weaknesses


Q. Which description best explains pharming?
Select one:

- Cultivating trust between a bad actor and the target through chance encounters
- Recruiting employees through various means to carry out an insider attack
- Exploiting an unknown vulnerability in computer software
- Computer traffic redirected from a legitimate website to a malicious one

Q. Which attack method relies on a telephone or voice-over-IP to target individuals or small groups, such as members of a finance department?
Select one:

- Smishing
- Vishing
- Whaling
- Honeypot


Q. What objective is accomplished by the last two stages of an influence campaign?
Select one:

- Theft of information or money
- Amplification of the message
- Access to the target’s network
- Clarification of the narrative

 

Q. What type of insider threat is an individual who believes they are exempt from their organization’s security policies and bypasses them?
Select one:

- Collaborator
- Lone wolf
- Pawn
- Goof 


Q. Which two insider types are considered malicious insider threats? (Choose two.)
Select one or more:

- Rats
- Lone wolves
- Pawns
- Moles