1. The following are all definitions of Cybercrime except?

a. Cybercrimes and crimes are committed using computers and the internet.

Also referred to as: (Electronic Crime) or e-Crime

It's a cybercrime if a computer or computers, and the internet did not play a central role inthe crime

Cybercrime are also referred to as cyber-enabled and Cyber-dependent crimes

2. Categories of Cyber Crimes includes all the following apart from?

a. Corporate Crime: Unauthorized Access, Intellectual Property Theft, Identity Theft, Information Theft, Computer Misuse, Fraud, DoS, Industrial Espionage. Embezzlement

b. National Crime: Child Pornography, Embezzlement, Hacking, Fraud, Cyber Stalking

c. International Crime: Sabotage, Cyber Terrorism, Drug Trafficking, Industrial Espionage and Intellectual Property Theft

d. Computer Crimes: Gaming Hacking, Network Spoofing, DDoS,

3. The following types of Cybercrime threats can be initiated from all the following except?

Internal/Insider Threats

External/Outside Threats C.Types of Network Attacks

d. Computer Threats

4. In Identifying Internal Threats, which department is most vulnerable to attacks?

Sales Department

Finance Department

IT Department

d. Operation Department

5. The following statements are all correct about identifying external threats besides?

a. Cyberattacks can be initiated from anywhere in the world and attribution is extremely difficult as we may not know where it came from

b. National Crime Include: Child Pornography, Embezzlement, Hacking, Fraud, Cyber Stalking, ID Theft, Spoofing, Phishing etc

C. International Crimes include: Sabotage, Cyber Terrorism, Drug Trafficking, Industrial Espionage and Intellectual Property Theft, political activism, 'hacktivism'

d. These cybercrimes cannot happen interchangeably

6. In Identifying internal and external threats, which cybercrime risk poses greater concern and can have a greater impact on an organization?

Reputational Damage

b. Theft or loss of personal identification information

c. Ip theft, including theft of data

d.Service disruption

7. Which of the following is the first in the WASP Top 10 Security Risks & Vulnerabilities2021?

Injection

Broken authentication

c. Sensitive data exposure

d. XML external entities (XXE

8. In identifying cyber threats, which of the following indicates the greatest risk of cyber threat?

a. Both internal and external perpetrators

External fraudsters

Inside the organization

Don't know

9. According to the slides, all the following statements explains the concepts of hacking except?

In computer networking, hacking is any technical effort to manipulate the normal behaviour of network connections and connected systems.

A hacker is any person engaged in hacking into a system without authorization.

The term "hacking" historically referred to constructive, clever technical work that was not necessarily related to computer systems.

Hacking and hackers are not associated with malicious programming attacks on the Internet and other networks.

10. The following are all correct regarding common network hacking techniques apart from?

Hacking on computer networks is often done through tools or other network intrusions.

These programs generally manipulate data passing through a network connection in ways designed to obtain more information about how the target system works.

Many such pre-packaged scripts are posted on the Internet for anyone, typically entry-level hackers, to use.

More advanced hackers may study and modify these scripts to develop new methods.

11. Cracking techniques on networks include all the following except?

Creating worms - Computer worms are malicious software applications designed to spread via computer networks.

Computer worms are not one form of malware along with viruses and trojans.

Initiating denial of service (DoS)attacks - refers to a form of attacking computer systems over a network. DoS is normally a malicious attempt to render a networked system unusable (though often without permanently damaging it).

Establishing unauthorized remote access connections to a device. Such as Interruption, Interception, Modification and Fabrication

12. A malicious attacker must have three things to initiate an attack. Which of the following is wrong?

Method: the skills, knowledge, tools, and other things with which to be able to pull off the attack

Opportunity: the time and access to accomplish the attack

Movement: the way attackers move in a computer

Deny any of those three things and the attack will not occur

13. Which of the following statement does not explain hackers motives?

A hacker is someone who maliciously breaks into systems for personal gain, profit, and even revenge.

Technically, these criminals are crackers (criminal hackers) who break into (crack) systems with malicious intent.

Ethical hackers (or good guys) try to compromise computers for fame

They modify, delete, and steal critical information, often making other people miserable.

14. The roles of computers can play in a crime include all the following except?

A computer can be the target of the crime

It can be the instrument of the crime

The computer cannot have multiple roles.

It can serve as an evidence repository storing valuable information about the crime.

15. In Hacking, the following explains juvenile delinquencies and why they do it when discussing the conscience of hackers except?

Boredom experienced by smart kids at the mercy of incompetent school teachers

The desire to access a service that could be dirt-cheap if it wasn't run by profiteering gluttons

The desire to explore and learn which is denied by 'you' who build atomic bombs, wage wars, murder, cheat and lie

Hackers do not tend to use such explanations to twist the argument and to take the moral high ground

16. All the following further explains juvenile delinquencies when discussing the conscience of hackers besides?

Surveys report that youths deem their attitude towards computer crime acceptable

These hackers are seen to pass through moral learning as they become mature thus reverting from such acts.

One of the reasons for such a trend is not the development of criminology

Other factors include neglect of youth from their parents, parental conflicts, family disruption and breakdown

17. The following statements explains the cybercrime laws and digital forensics apart from?

Existing laws consider at digital forensics investigations process to prosecute cyber criminals

The Legal Framework hinges on the forensics investigations to determine what sentences are merited

Digital Forensics Assist the law enforcement agencies to prosecute cyber criminals

Digital Forensics Assist the law enforcement agencies to follow legal proceedings

18. The following statements explain digital forensics investigations apart from?

It is the Process of Investigating computers and their associated media to determine if it has been used to commit a crime and or used to gain any unauthorized activity.

In digital forensics investigations, crime constitutes a breach of National law e.g. C Murray -v- M. Jackson

Unauthorized activities involve a breach of policy and procedures in a corporate or publicOffice

In digital forensics investigations, cybercrimes does not constitute a breach of international law

19. The goal of computer forensics is to examine digital media in a forensically sound manner with the aim of identifying, preserving, recovering, analyzing and presenting facts and opinions about the information to all the following except?

The Court of Law

To Law Enforcements

To Hackers

To Corporations

20. Challenges in examining computer forensics are that the computer evidence is like any other evidence. For a case to be admissible at court forensic evidence must meet all the following except?

Authentic

Accurate

Complete

Comforting to the juries

21. The following explains the MITRE ATT&CK Enterprise Categories except?

Adversarial Tactics, Techniques, and Common Knowledge (ATT&CKM) for Enterprise is an adversary model and framework for describing the actions an adversary may take to compromise and operate within an enterprise network.

The model can be used to better characterize and describe post-compromise adversary behaviour.

The kill chain model does not explain how cybercriminals exploit a system from the cyber attack life cycle

It both expands the knowledge of network defenders and assists in prioritizing network defence by detailing the tactics, techniques, and procedures (TTs)

22. The following statements explains the MITRE ATT&CK Enterprise Categories except?

Cyber threats use to gain access and execute their objectives while operating inside a network.

ATT&CK for Enterprise focuses on TTs adversaries use to make decisions, expand access, and execute their objectives

It aims to describe an adversary's steps at a high enough level to be applied widely across platforms, but still maintain enough details to be technically useful.

All the above are wrong

23. The following explains the MITRE ATT&CK Enterprise and the tactics categories except?

The 11 tactic categories within ATT&CK were derived from the later stages (exploit, control, maintain, and execute) of a seven-stage Cyber Attack Lifecycle

The method was first articulated by Lockheed Martin as the Cyber Kill Chain.

The 11 tactic categories within ATT&CK were not derived from the later stages

Provide a deeper level of granularitv in describing what can occur during an intrusion.

24. A variety of high-level cyber security use cases rely on the following information of theSTIX tool except?

Analysing cyber threats

Specifying indicator patterns to organization

Managing cyber threat response activities

Sharing cyberthreat information

25. Threat Actors often have several discernible characteristics which can be captured within a STIX Threat Actor object that includes all the following except?

Aliases

Goals

otivations

Ransomware