Key Concepts Flashcards
(40 cards)
What is the key characteristic of CBEST that differentiates it from other security testing regimes?
a) Automated scanning
b) Intelligence-led approach
c) Randomized testing
d) Employee training
b) Intelligence-led approach
What is the focus of CBEST’s penetration testing approach?
a) Testing user passwords
b) Mimicking cyber attackers to compromise important business services
c) Simulating phishing attacks
d) Enhancing website traffic
b) Mimicking cyber attackers to compromise important business services
Which type of threat actor lacks technical skills but uses scripts from others?
b) Script kiddies
What is the primary motive of hacktivists?
c) Political agenda
Answer: c) Political agenda
Which threat actor is known for using cyberspace to disrupt, gain profits, or spread propaganda?
a) Cyber terrorists
Answer: a) Cyber terrorists
What do cyber criminals typically target for financial gain?
a) Personally identifiable information
Answer: a) Personally identifiable information
Which type of threat actor is affiliated with a nation state?
d) State-sponsored groups
Answer: d) State-sponsored groups
What does the Cyber Kill Chain framework help with?
a) Identifying physical threats
b) Intrusion analysis
c) Employee training
d) Hardware security
b) Intrusion analysis
The Diamond Model of intrusion is used for:
b) Intrusion analysis
Answer: b) Intrusion analysis
What does ACH stand for?
Analysis of Competing Hypotheses
What is the purpose of the Intelligence Preparation of the Environment (IPE)?
b) Understanding likely threat scenarios
Answer: b) Understanding likely threat scenarios
What is a key step in the IPE process?
c) Evaluating threats
Answer: c) Evaluating threats
Which of the following is NOT a step in the IPE process?
c) Develop malware
Answer: c) Develop malware
What does the MoSCoW prioritization framework help with?
b) Task prioritization
Answer: b) Task prioritization
In an Intelligence Collection Plan (ICP), what is the role of ‘assets, resources, and deterrents’?
c) To evaluate and guide collection sources
Answer: c) To evaluate and guide collection sources
What is the purpose of taskings in the Intelligence Collection Plan?
b) To assign collection tasks
Answer: b) To assign collection tasks
What does a 5x5x5 grid help evaluate?
a) Data reliability and credibility
Answer: a) Data reliability and credibility
Attack trees are used in threat modeling to:
d) Visualize attack paths
Answer: d) Visualize attack paths
What format does STIX use for structured threat information expression?
c) JSON
Answer: c) JSON
Which of the following is NOT an example of a STIX Domain Object (SDO)?
c) Relationship
Answer: c) Relationship
What is the function of TAXII in threat intelligence sharing?
c) Information exchange over HTTPS
Answer: c) Information exchange over HTTPS
Which TLP color restricts disclosure to participants only?
d) TLP:RED
Answer: d) TLP:RED