1) Which of the following measures is not commonly used to assess threat intelligence?
a) Timeliness
b) Detail
c) Accuracy
d) Relevance

2) Which of the following activities follows threat data analysis in the threat intelligence cycle?
a) Gathering feedback
b) Threat data collection
c) Threat data review
d) Threat intelligence dissemination

3) What organizations did the U.S. government help create to help share knowledge between organizations in specific verticals?
a) DHS
b) SANS
c) CERTs
d) ISACs

4) Jason gathers threat intelligence that tells him that an adversary his organization considers a threat likes to use USB key drops to compromise their targets. What is this an example of?
a) His organization's attack surface
b) A possible attack vector
c) An example of adversary capability
d) A probability assessment

5) What type of assessment is particularly useful for identifying insider threats?
a) Behavioral
b) Instinctual
c) Habitual
d) IOCs

6) Which of the following is not a common indicator of compromise?
a) Administrative account logins
b) Unexpected modifications of configuration files
c) Login activity from atypical countries or locations
d) Large outbound data transfers from administrative systems

7) Nick wants to analyze attacker tactics and techniques. What type of tool can he deploy to most effectively capture actual attack data for analysis?
a) A firewall
b) A honeypot
c) WAF
d) SIEM

8) Forensic data is most often used for what type of threat assessment data?
a) STIX
b) Behavioral
c) IOCs
d) TAXII

9) Naomi wants to make her applications portable and easy to move to new environments without the overhead of a full OS. What type of solution should she select?
a) An x86 architecture
b) Virtualization
c) Containerization
d) A SASE solution

10) What design concept requires that each action requested be verified and validated before it is allowed to occur?
a) Secure access service edge
b) Zero trust
c) Trust but verify
d) Extended validation network

11) During a pen test of Anna's company, the pen testers were able to compromise the company's web servers and deleted their log files, preventing analysis of their attacks. What compensating control is best suited to prevent this issue in the future?
a) Using full-disk encryption
b) Using log rotation
c) Sending logs to a syslog server
d) Using TLS to protect traffic

12) Sally wants to find configuration files for a Windows system. Which of the following is not a common configuration file location?
a) The Windows Registry
b) C:\Program Files\
c) directory:\Windows\Temp
d) C:\ProgramData\
