Cybersecurity Scenarios Quiz

Your company experienced a phishing attack last month. Now, the IT team is meeting to discuss what went well and what could be improved in future incidents. What phase of incident response is this?

A cybercriminal creates a fake invoice with hidden malware and emails it to a company employee. This action is part of which stage in the Cyber Kill Chain?

You want to set up a system that can automatically block IP addresses when threats are detected and pull data from threat intelligence feeds. What solution is best for this?

You're troubleshooting a Linux server and want to capture real-time network packets to analyze strange traffic. What command-line tool should you use?

You receive an email that looks like it’s from your company's CEO, but your DNS security shows the sender’s IP is not part of the company’s authorized email servers. What is the most likely issue?

Your team is analyzing a cyber attack. They create a chart that connects the attacker, tools used, network, and victim. What model are they using?

You notice that a user’s machine is making regular connections to an external IP address every 5 minutes. What is this behavior called?

A company wants to make sure only approved devices can access the network. Which security technology will help stop rogue devices from connecting?

An employee’s computer has a scheduled task running every 15 minutes with a suspicious script name. No one from IT created it. What should be suspected?

You're unsure if a file you downloaded is safe. You upload it to VirusTotal, which scans it using several antivirus tools. What type of analysis are you performing?