CTIA
4.8 (8 reviews)
Save
Terms in this set (383)
Q. 1 Which of the following terms D
refers to the existence of a weakness,
design flaw, or implementation error,
which can lead to an unexpected
event compromising the security of
the system?
A. Hacking
B. Zero-day attack
C. Exploit
D. Vulnerability
2 Which of the following types of D
threat actors are unskilled hackers
who compromise systems by running
scripts, tools, and software
developed by real hackers?
A. Industrial spies
B. State-sponsored hackers
C. Organized hackers
D. Script kiddies
,3 Which of the following C
components refers to a node in the
network that routes the traffic from a
workstation to external command
and control server and helps in
identification of installed malware in
the network?
A. Repeater
B. Hub
C. Gateway
D. Network interface card (NIC)
4 What is the main source of A
technical threat intelligence data
collection?
A. Malware indicators, network
indicators, and e-mail indicators
B. Chat room conversations
C. Geopolitical information
D. Data feeds and online sources
5 Which of the following types of C
data analysis deals with analyzing
the real-time data of the current
activities and enables the analyst to
identify what is currently happening
in the organization based on the
acquired real-time data?
A. Predictive
B. Diagnostic
C. Descriptive
D. Prescriptive
,6 Which of the following criteria is D
used to rate intelligence that is
delivered to the stakeholder that
helps in improving the defense
strategies to detect the reported
threats and decrease reoccurrences?
A. Informative
B. Awareness
C. Richness
D. Actionable
7 Which of the following terms D
describes an interpreted information
providing broader in-depth
knowledge of the subject that
supports decision making and
response actions to resolve complex
problems?
A. Data
B. Knowledge
C. Information
D. Intelligence
, 8 Clark is an attacker who wants to A
acquire confidential information of a
target organization for some financial
benefit. He created an illegitimate e-
mail containing malicious links and
distributed to all the employees of
that organization to obtain private
information, such as social security
numbers, account numbers, credit
card numbers, and mobile numbers.
Which type of attack does this
scenario present?
A. Phishing
B. Buffer overflow
C. Spoofing
D. Denial-of-service attack
9 Marry wants to follow an iterative B
and incremental approach to
prioritize requirements in order to
protect the important assets of an
organization against attacks. She
wants to set the requirements based
on the order of priority, where the
most important requirement must
meet before, for a greater chance of
success. She wants to apply
prioritization tasks, scenarios, use
cases, tests, and so on.
Which of the following
methodologies should Marry use to
prioritize the requirements?
A. Data visualization
B. MoSCoW
C. Fusion analysis
D. Data sampling
4.8 (8 reviews)
Save
Terms in this set (383)
Q. 1 Which of the following terms D
refers to the existence of a weakness,
design flaw, or implementation error,
which can lead to an unexpected
event compromising the security of
the system?
A. Hacking
B. Zero-day attack
C. Exploit
D. Vulnerability
2 Which of the following types of D
threat actors are unskilled hackers
who compromise systems by running
scripts, tools, and software
developed by real hackers?
A. Industrial spies
B. State-sponsored hackers
C. Organized hackers
D. Script kiddies
,3 Which of the following C
components refers to a node in the
network that routes the traffic from a
workstation to external command
and control server and helps in
identification of installed malware in
the network?
A. Repeater
B. Hub
C. Gateway
D. Network interface card (NIC)
4 What is the main source of A
technical threat intelligence data
collection?
A. Malware indicators, network
indicators, and e-mail indicators
B. Chat room conversations
C. Geopolitical information
D. Data feeds and online sources
5 Which of the following types of C
data analysis deals with analyzing
the real-time data of the current
activities and enables the analyst to
identify what is currently happening
in the organization based on the
acquired real-time data?
A. Predictive
B. Diagnostic
C. Descriptive
D. Prescriptive
,6 Which of the following criteria is D
used to rate intelligence that is
delivered to the stakeholder that
helps in improving the defense
strategies to detect the reported
threats and decrease reoccurrences?
A. Informative
B. Awareness
C. Richness
D. Actionable
7 Which of the following terms D
describes an interpreted information
providing broader in-depth
knowledge of the subject that
supports decision making and
response actions to resolve complex
problems?
A. Data
B. Knowledge
C. Information
D. Intelligence
, 8 Clark is an attacker who wants to A
acquire confidential information of a
target organization for some financial
benefit. He created an illegitimate e-
mail containing malicious links and
distributed to all the employees of
that organization to obtain private
information, such as social security
numbers, account numbers, credit
card numbers, and mobile numbers.
Which type of attack does this
scenario present?
A. Phishing
B. Buffer overflow
C. Spoofing
D. Denial-of-service attack
9 Marry wants to follow an iterative B
and incremental approach to
prioritize requirements in order to
protect the important assets of an
organization against attacks. She
wants to set the requirements based
on the order of priority, where the
most important requirement must
meet before, for a greater chance of
success. She wants to apply
prioritization tasks, scenarios, use
cases, tests, and so on.
Which of the following
methodologies should Marry use to
prioritize the requirements?
A. Data visualization
B. MoSCoW
C. Fusion analysis
D. Data sampling
