Question
Question 11 (2 points) A threat actor gets access to some data of Contoso Bank after a successful SQL injection attack. After detecting that this
Question 11 (2 points)
A threat actor gets access to some data of Contoso Bank after a successful SQL injection attack. After detecting that this incident happened, Contoso Bank decides to shut down the affected website until the vulnerability can be remediated. What cybersecurity aspect was affected?
Question 11 options:
|
|
|
| a) | Confidentiality |
|
|
|
| b) | Integrity |
|
|
|
| c) | Availability |
|
|
|
| d) | We don't know |
Question 12 (2 points)
An attacker performs data obfuscation to make his presence more difficult to detect. What tactic does that technique correspond to?
Question 12 options:
|
|
|
| a) | Collection |
|
|
|
| b) | Initial Access |
|
|
|
| c) | Persistence |
|
|
|
| d) | Exfiltration |
|
|
|
| e) | Command and Control |
Question 13 (2 points)
Which of the following tasks is NOT aligned with what a typical incident response team would do?
Question 13 options:
|
|
|
| a) | Preventing an incident from spreading |
|
|
|
| b) | Establishing the best path to resolve an incident |
|
|
|
| c) | Ensuring that the threat actors responsible for the incident are neutralized |
|
|
|
| d) | Identifying the root cause of an incident |
|
|
|
| e) | Returning the business to a normal operating state |
Question 14 (2 points)
When formally preparing for incident response, which of these documents should you write first?
Question 14 options:
|
|
|
| a) | These documents should all be worked on in parallel |
|
|
|
| b) | We could be writing these documents in any order |
|
|
|
| c) | Incident Response Procedure |
|
|
|
| d) | Incident Response Plan |
|
|
|
| e) | Incident Response Policy |
Question 15 (4 points)
Ahmed and Tricia both work as cybersecurity analyst in a SOC(security operation center). Ahmed works for Contoso Bank and Tricia works for Fabrikam Bank. On an average week, Ahmed handles 5 security incidents and Tricia handles 8 security incidents. Could we say that Tricia is being more efficient that Ahmed? Please explain why.
Question 15 options:
|
|
Question 16 (2 points)
A web developer forgets to sanitize the input from a field in a web form and all the data of their clients in their database gets stolen as a result of a SQL injection attack. What is the cause of this incident?
Question 16 options:
|
|
|
| a) | Accident |
|
|
|
| b) | Error |
|
|
|
| c) | Voluntary |
|
|
|
| d) | We don't have enough information to respond |
Question 17 (4 points)
Explain the relevance of understanding your environment within the context of cyber resilience.
Question 17 options:
|
|
Question 18 (2 points)
As an AVERAGE organisation, which of these threat actors should you be more worried about?
Question 18 options:
|
|
|
| a) | Hacktivists/Terrorists |
|
|
|
| b) | Insiders |
|
|
|
| c) | Nation-states |
|
|
|
| d) | Opportunists |
|
|
|
| e) | Cybercriminals |
Question 19 (4 points)
Explain the challenges associated with protecting the cybersecurity of an organization from nation-states.
Question 19 options:
|
|
Question 20 (2 points)
At what step would you assess if you were able to meet your objectives during the execution of a cyber resilience cycle?
Question 20 options:
|
|
|
| a) | Assessment |
|
|
|
| b) | Objectives |
|
|
|
| c) | Plan |
|
|
|
| d) | Report |
|
|
|
| e) | Execute |
Step by Step Solution
There are 3 Steps involved in it
Step: 1
Get Instant Access to Expert-Tailored Solutions
See step-by-step solutions with expert insights and AI powered tools for academic success
Step: 2
Step: 3
Ace Your Homework with AI
Get the answers you need in no time with our AI-driven, step-by-step assistance
Get Started
Temporal Databases Research And Practice Lncs 1399
Authors: Opher Etzion ,Sushil Jajodia ,Suryanarayana Sripada
1st Edition
3540645195, 978-3540645191
