Which task describes threat attribution?

determining who is responsible for the attack

obtaining the most volatile evidence

reporting the incident to the proper authorities

evaluating the server alert data

Match the NIST incident response stakeholder with the role.

reviews policies for local or federal guideline violations

A company is applying the NIST.SP800-61 r2 incident handling process to security events. What are two examples of incidents that are in the category of precursor? (Choose two.)

log entries that show a response to a port scan

a newly-discovered vulnerability in Apache web servers

a host that has been verified as infected with malware

multiple failed logins from an unknown source

an IDS alert message being sent

What will a threat actor do to create a back door on a compromised target according to the Cyber Kill Chain model?

Open a two-way communications channel to the CnC infrastructure.

Obtain an automated tool to deliver the malware payload.

What is the objective the threat actor in establishing a two-way communication channel between the target system and a CnC infrastructure?

to allow the threat actor to issue commands to the software that is installed on the target

to steal network bandwidth from the network where the target is located

to send user data stored on the target to the threat actor

to launch a buffer overflow attack

What is specified in the plan element of the NIST incident response plan?

metrics for measuring the incident response capability and effectiveness

incident handling based on the mission of the organization

organizational structure and the definition of roles, responsibilities, and levels of authority

priority and severity ratings of incidents

Which activity is typically performed by a threat actor in the installation phase of the Cyber Kill Chain?

Install a web shell on the target web server for persistent access.

Obtain an automated tool to deliver the malware payload.

Harvest email addresses of user accounts.

Open a two-way communication channel to the CnC infrastructure.

Cyber Threat Management (Check Point Exam #2)

Authored by Jeff Graus

Information Technology (IT)

10th Grade

Used 2+ times

Cyber Threat Management (Check Point Exam #2)

AI Actions

Add similar questions

Adjust reading levels

Convert to real-world scenario

Translate activity

More...

Content View

Student View

20 questions

Show all answers

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Which type of data would be considered an example of volatile data?

temp files

web browser cache

memory registers

log files

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Keeping data backups offsite is an example of which type of disaster recovery control?

preventive

corrective

detective

management

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Which NIST-defined incident response stakeholder is responsible for coordinating incident response with other stakeholders and minimizing the damage of an incident?

management

IT support

the legal department

human resources

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

What type of exercise interrupts services to verify that all aspects of a business continuity plan are able to respond to a certain type of incident?

Tabletop exercise

Functional test

Operational exercise

MATCH QUESTION

30 sec • 1 pt

Match the intrusion event defined in the Diamond Model of intrusion to the description.

victim

the target of the attack

capability

the parties responsible for the intrusion

adversary

network path used to establish and maintain command and control

infrastructure

a tool or technique used to attack the victim

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

What is a chain of custody?

the disciplinary measures an organization may perform if an incident is caused by an employee

the documentation surrounding the preservation of evidence related to an incident

a plan ensuring that each party involved in an incident response understands how to collect evidence

a list of all of the stakeholders that were exploited by an attacker

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

According to the Cyber Kill Chain model, after a weapon is delivered to a targeted system, what is the next step that a threat actor would take?

installation

action on objectives

exploitation

weaponization

Access all questions and much more by creating a free account

Create resources

Host any resource

Get auto-graded reports

Continue with Google

Continue with Email

Continue with Classlink

Continue with Clever

or continue with

Microsoft

Apple

Others

Already have an account?

Similar Resources on Wayground

15 questions

Pursuing a Career in Computing Quiz

Quiz

•

10th Grade

20 questions

Bezpieczeństwo w sieci

Quiz

•

10th Grade

20 questions

FASE E. TIK. ULANGAN HARIAN APL ANGKA, KATA, PRESENTASI

Quiz

•

10th Grade

15 questions

AIT CFE Review 3

Quiz

•

10th Grade

15 questions

NF: Unit 3 Review

Quiz

•

10th Grade

19 questions

SCRATCH Programming recap

Quiz

•

10th Grade - University

20 questions

Web Browser

Quiz

•

9th Grade - University

20 questions

Algorytmy

Quiz

•

10th Grade

Popular Resources on Wayground

20 questions

STAAR Review Quiz #3

Quiz

•

8th Grade

20 questions

Equivalent Fractions

Quiz

•

3rd Grade

6 questions

Marshmallow Farm Quiz

Quiz

•

2nd - 5th Grade

20 questions

Main Idea and Details

Quiz

•

5th Grade

20 questions

Context Clues

Quiz

•

6th Grade

20 questions

Inferences

Quiz

•

4th Grade

19 questions

Classifying Quadrilaterals

Quiz

•

3rd Grade

12 questions

What makes Nebraska's government unique?

Quiz

•

4th - 5th Grade

Discover more resources for Information Technology (IT)

50 questions

STAAR English 2 Review

Quiz

•

10th Grade

20 questions

Figurative Language Review

Quiz

•

10th Grade

20 questions

Grammar

Quiz

•

9th - 12th Grade

31 questions

Easter Trivia

Quiz

•

KG - 12th Grade

16 questions

Circles - Equations, Central & Inscribed Angles

Quiz

•

9th - 12th Grade

46 questions

Unit 4 Geosphere Test Review

Quiz

•

9th - 12th Grade

10 questions

Calculating Surface Area of a Triangular Prism

Interactive video

•

6th - 10th Grade

20 questions

Central Angles and Arc Measures 2

Quiz

•

10th Grade

Cyber Threat Management (Check Point Exam #2)

Which type of data would be considered an example of volatile data?

Keeping data backups offsite is an example of which type of disaster recovery control?

Which NIST-defined incident response stakeholder is responsible for coordinating incident response with other stakeholders and minimizing the damage of an incident?

What type of exercise interrupts services to verify that all aspects of a business continuity plan are able to respond to a certain type of incident?

Match the intrusion event defined in the Diamond Model of intrusion to the description.

What is a chain of custody?

According to the Cyber Kill Chain model, after a weapon is delivered to a targeted system, what is the next step that a threat actor would take?

In which step of the NIST incident response process does the CSIRT perform an analysis to determine which networks, systems, or applications are affected; who or what originated the incident; and how the incident is occurring?

Which task describes threat attribution?

Place the seven steps defined in the Cyber Kill Chain in the correct order.

Access all questions and much more by creating a free account

Similar Resources on Wayground

Popular Resources on Wayground

Discover more resources for Information Technology (IT)