Security Blue Team Level 1 Actual Exam Study Questions with 100% Verified Answers | Brand New Version

Security Blue Team Level 1 Actual Exam Study Questions with 100% Verified Answers | Brand New Version 1. Reconnaissance emails (recon emails) - ANSWER used to check if the destination mailbox is in use so that it can be targeted in future phishing attack can be spam, social engineering or tracking pixels 2. Credential Harvesters - ANSWER most common phishing emails targeting human weaknesses to attempt to retrieve valid credentials email will tell the recipient to click a button or URL, where they will typically be presented with a real-looking login portal 3. Typosquatting - ANSWER the act of impersonating a brand or domain name by misspelling it, such as missing letters or including additional ones 4. Homographs - ANSWER this attack exploits the fact that many different characters look exactly alike the problem is with how the characters are encoded using Unicode virtually impossible for users to spot 5. Sender Spoofing - ANSWER the process of making the sending address in an email look the same as a legitimate email to make the recipients believe it is coming from a genuine sender 6. URL Shorteners - ANSWER a tactic for disguising malicious URLs, short versions that simply redirect to the full URL ex. 7. Business Email Compromise (BEC) - ANSWER A type of phishing attack where a threat actor impersonates a known source to obtain financial advantage 8. Email Artifacts - ANSWER - Sending Email Address - Subject Line - Recipient Email Address - Sending Server IP & Reverse DNS - Reply-To Address - Date & Time 9. File Artifacts - ANSWER - Attachment Name - SHA256 Hash Value 10. Web Artifacts - ANSWER - Full URLs - Root Domain 11. Malware Sandboxing - ANSWER the process of running a piece of malware in a contained environment, and closely monitoring exactly what the software does allows security teams to collect indicators of compromise 12. Social Engineering - ANSWER the practice of exploiting a human as opposed to a system malicious actors can convince employees that they are someone they know, or even someone in a higher position that has more power than them 13. Smishing - ANSWER kind of phishing attack, where the attack vector is through a text message or SMS best way to defend is user security awareness training and education 14. Vishing - ANSWER kind of phishing attack, where the attack vector is through a phone call best way to defend is user security awareness training and education 15. Whaling - ANSWER highly-targeted phishing attack that looks to target individuals within management positions in an organization best way to defend is implementing DLP, marking external emails, train individuals to detect phishing emails 16. Malicious Attachments - ANSWER malicious actors will send you Microsoft Office documents to bypass email scanners and to seem less suspicious include malicious macros, series of command and instructions, that download malware to the system 17. Hosted Malware - ANSWER method of hosting malware on websites and convincing users to click on a hyperlink, download a file, and then run it actor can create a malicious domain or compromise a legitimate site then host the malware 18. Spam Emails - ANSWER messages that are unsolicited, unwanted, or unexpected but are not necessarily malicious in nature should not be confused with malicious spam emails 19. False Positives - ANSWER messages that have not been sent by a malicious actor and are instead legitimate emails that have been incorrectly reported as malicious 20. Spear Phishing - ANSWER when a malicious actor spends time before the phishing attack to gather information about their specific target makes it more convincing, increases the chances of the recipient clicking on the email and entering their credentials, or opening an attachment