- Which tool is most commonly associated with nation state threat actors?
Advanced Persistent Threat (APT)
2. Which of the following is an enterprise critical asset?
Information
3. Which of the following is NOT a successive layer in which information security is achieved?
Purposes
4. Ian recently earned his security certification and has been offered a promotion to a position that requires him to analyze and design security solutions as well as identifying users’ needs. Which of these generally recognized security positions has Ian been offered?
Security administrator
5. Which of the following is NOT true regarding security?
Security is a war that must be won at all costs.
6. What is a race condition?
When two concurrent threads of execution access a shared resource simultaneously, resulting in unintended consequences.
7. What are industry-standard frameworks and reference architectures that are required by external agencies known as?
Regulatory
8. Gunnar is creating a document that explains risk response techniques. Which of the following would he NOT list and explain in his document?
Extinguish risk
9. An organization that practices purchasing products from different vendors is demonstrating which security principle?
Diversity
10. Which act requires banks and financial institutions to alert their customers of their policies in disclosing customer information?
Gramm-Leach-Bliley Act (GLBA)
11. What is the category of threat actors that sell their knowledge of vulnerabilities to other attackers or governments?
Brokers
12. Adone is attempting to explain to his friend the relationship between security and convenience. Which of the following statements would he use?
Security and convenience are inversely proportional.
13. Which the following is NOT a reason why it is difficult to defend against today’s attackers?
Greater sophistication of defense tools
14. Why do cyberterrorists target power plants, air traffic control centers, and water systems?
They can cause significant disruption by destroying only a few targets.
15. Tatyana is discussing with her supervisor potential reasons why a recent attack was successful against one of their systems. Which of the following configuration issues would NOT be covered?
Vulnerable business processes
16. Signe wants to improve the security of the small business where she serves as a security manager. She determines that the business needs to do a better job of not revealing the type of computer, operating system, software, and network connections they use. What security principle does Signe want to use?
Obscurity
17. Complete this definition of information security: That which protects the integrity, confidentiality, and availability of information _____.
through products, people, and procedures on the devices that store, manipulate, and transmit the information
18. Alyona has been asked by her supervisor to give a presentation regarding reasons why security attacks continue to be successful. She has decided to focus on the issue of widespread vulnerabilities. Which of the following would Alyona NOT include in her presentation?
Misconfigurations
19. Which of the following ensures that only authorized parties can view protected information?
Confidentiality
20. What is an objective of state-sponsored attackers?
To spy on citizens
21. A watering hole attack is directed against which of the following?
a smaller group of specific users
22. Which statement regarding a keylogger is NOT true?
Software keyloggers are generally easy to detect.
23. Which type of mutation completely changes a virus from its original form by rewriting its own code whenever it is executed?
metamorphic
24. Which type of malware requires a user to transport it from one computer to another?
virus
25. What is the name of the threat actor’s computer that gives instructions to an infected computer?
Command and control (C&C) server
26. Each of these is a reason why adware is scorned EXCEPT _____.
it displays the attacker’s programming skills
27. Linnea’s father called her to say that a message suddenly appeared on his screen that says his software license has expired and he must immediately pay $500 to have it renewed before control of the computer will be returned to him. What type of malware is this?
blocking ransomware
28. Which of these items retrieved through dumpster diving would NOT provide useful information?
books
29. Which of the following is NOT a primary trait of malware?
diffusion
30. Which variation of a phishing attack sends phishing messages only to wealthy individuals?
Whaling
31. Which of these could NOT be defined as a logic bomb?
Send spam email to Moa’s inbox on Tuesday.
32. What is the term used for a threat actor who controls multiple bots in a botnet?
bot herder
33. Lykke receives a call while working at the helpdesk from someone who needs his account reset immediately. When Lykke questions the caller, he says, “If you don’t reset my account immediately, I will call your supervisor!” What psychological approach is the caller attempting to use on Lykke?
Intimidation
34. Which of these is a general term used for describing software that gathers information without the user’s consent?
spyware
35. Which of the following is NOT correct about a rootkit?
A rootkit is always the payload of a Trojan.
36. Astrid’s computer screen suddenly says that all files are now locked until money is transferred to a specific account, at which time she will receive a means to unlock the files. What type of malware has infected her computer?
Crypto-malware
37. How can an attacker use a hoax?
A hoax could convince a user that a bad Trojan is circulating and that he should change his security settings.
38. Hedda pretends to be the help desk manager and calls Steve to trick him into giving her his password. What social engineering attack has Hedda performed?
impersonation
39. Ebba received a message from one of her tech support employees. In violation of company policy, a user had downloaded a free program to receive weather reports, but the program had also installed malware on the computer that gave the threat actor unrestricted access to the computer. What type of malware had been downloaded?
RAT
40. Which of the following is defined as following an authorized person through a secure door?
Tailgating
Other Links:
See other websites for quiz:
Check on QUIZLETCheck on CHEGG