Stufff

Question 1

Which framework includes Reconnaissance, Weaponization, and Delivery?

Answer 1

B) Cyber Kill Chain

Question 2

What is the goal of the Pyramid of Pain?

Answer 2

C) To hinder adversaries by targeting their TTPs

Question 3

What does the Traffic Light Protocol (TLP) define?

Answer 3

B) Sharing restrictions for sensitive information

Question 4

What is meant by ‘Defense Evasion’ in a cyberattack?

Answer 4

B) Avoiding detection by security systems

Question 5

Which tool allows threat intelligence sharing in a structured and automated manner?

Answer 5

A) STIX

Question 6

Which term refers to a cyber threat intelligence sharing initiative?

Answer 6

B) CIISI

Question 7

What does ‘Reconnaissance’ in the Cyber Kill Chain refer to?

Answer 7

B) Identifying vulnerabilities in a target

Question 8

What is the primary motivation for Nation-State threat actors?

Answer 8

C) Political objectives

Question 9

What does ‘Privilege Escalation’ involve?

Answer 9

B) Gaining unauthorized access to higher-level permissions

Question 10

What does the term ‘MLCOA’ stand for in threat scenario planning?

Answer 10

A) Most Likely Course of Action

Question 11

In Horizon Scanning, how far into the future should you look?

Answer 11

B) 5-10 years

Question 12

What is the purpose of the ‘Murder Board’ technique?

Answer 12

B) To aggressively review assumptions and solutions

Question 13

Which is NOT part of the Threat Intelligence Lifecycle?

Answer 13

C) Response

Question 14

What does F3EAD stand for in intelligence operations?

Answer 14

A) Find, Fix, Finish, Exploit, Analyze, Disseminate

Question 15

What is a significant characteristic of Nation-State attackers?

Answer 15

B) They target their own citizens and foreign entities

Question 16

What does the term ‘Horizon Scanning’ involve?

Answer 16

B) Looking into the future to assess potential threats

Question 17

Which document describes metrics for security incident reporting?

Answer 17

C) VERIS

Question 18

What is the role of TAXII in threat intelligence?

Answer 18

C) Sharing threat information between organizations

Question 19

What does STIX stand for?

Answer 19

A) Standardized Threat Indicator and Exchange

Question 20

Which is an example of a Machine-Readable Threat Intelligence (MRTI) format?

Answer 20

A) CybOX

C) VERIS

Question 21

What does STIX stand for?

Answer 21

B) Structured Threat Information eXpression

Question 22

What is the Pyramid of Pain designed to do?

Answer 22

C) Rank the difficulty in disrupting adversary operations

Question 23

What is ‘Insider Threat - Unintentional’ categorized as?

Answer 23

B) An unwitting employee clicking a malicious link

Question 24

What is the role of ‘Credential Access’ in the Cyber Kill Chain?

Answer 24

B) Gaining unauthorized access to usernames and passwords

Question 25

What is MISP, developed by NATO, used for?

Answer 25

C) Tracking and analyzing rare malware

Question 26

What is the goal of Intelligence Preparation of the Cyber Environment (IPCE)?

Answer 26

B) To understand the threat landscape and potential scenarios

Question 27

What is the focus of Intelligence Preparation of the Battlefield (IPB)?

Answer 27

C) Defining and analyzing the cyber battlefield environment

Question 28

What does the term 'Exfiltration' refer to in a cyberattack?

Answer 28

C) Transferring stolen data out of the network