Question 1 of 60
A penetration tester is analyzing the output from a web server’s access logs and notices that there is a high volume of requests for a specific URL that does not exist. What could this indicate?
Question 2 of 60
A security analyst is investigating a series of cyber attacks targeting the company’s email servers. The analyst needs to gather intelligence about the attack tactics and the threat actors behind the attacks. Which open-source intelligence (OSINT) source can the analyst use to obtain this information?
Question 3 of 60
A security analyst is investigating a cyber attack that took place on the company’s network over the weekend. The analyst needs to gather intelligence about the attack and the threat actors behind it. Which intelligence source should the analyst use to obtain timely information about the attack?
Question 4 of 60
A security analyst is investigating a series of phishing attacks targeting the company’s employees. The analyst needs to gather intelligence about the tactics and the threat actors behind the attacks. Which intelligence source should the analyst use to obtain relevant information about the attacks?
Question 5 of 60
A security analyst is investigating a series of attacks that appear to be targeting the company’s financial systems. The analyst needs to gather intelligence about the threat actors and their capabilities. Which intelligence source should the analyst use to obtain information with a high confidence level?
Question 6 of 60
A security team is trying to share information about a new type of malware with other organizations in their industry. The team wants to use a standardized format to share the information. Which threat intelligence sharing format should the team use?
Question 7 of 60
A security team is investigating a data breach that occurred on the company’s network. The team needs to gather intelligence about the malware that was used in the attack. Which threat intelligence source should the team use to obtain TAXII-formatted intelligence about the malware?
Question 8 of 60
A security analyst is investigating a cyber attack on a company’s network. The analyst needs to gather intelligence about the indicators of compromise used in the attack. Which structured format for sharing information about indicators of compromise and malware behavior uses a simple XML schema and is compatible with other cybersecurity tools?
Question 9 of 60
A security team is analyzing a new threat that has been discovered on the network. The team has identified that the threat is using a known exploit to gain access to the network. Which type of threat is this an example of?
Question 10 of 60
A security team has identified a new vulnerability in a critical system that is being actively exploited by attackers. The vulnerability was previously unknown and there is no known patch or workaround. Which type of threat is this an example of?
Question 11 of 60
A security team has discovered that an attacker has been infiltrating the network for several months, conducting reconnaissance, and exfiltrating sensitive data. Which type of threat is this an example of?
Question 12 of 60
A government agency has identified a sophisticated cyber attack that is targeting a specific department. The attackers have used custom malware and techniques that are consistent with previous attacks attributed to a particular country. Which type of threat actor is this an example of?
Question 13 of 60
A group of attackers has compromised the email accounts of several prominent politicians and released sensitive information to the public. The attackers claim to be motivated by a desire to expose corruption and promote transparency in government. Which type of threat actor is this an example of?
Question 14 of 60
A healthcare organization is considering joining an information-sharing and analysis community (ISAC) for the healthcare industry. Which of the following is a potential benefit of participating in an ISAC?
Question 15 of 60
A small financial services firm is considering joining an information-sharing and analysis organization (ISAO) for the first time. The CEO is hesitant because of concerns about sharing sensitive information with other organizations. Which of the following is a key benefit of ISAO membership that could address these concerns?
Question 16 of 60
A government agency is looking to improve its threat intelligence capabilities. Which of the following would be the best way to leverage an information-sharing and analysis community (ISAC)?
Question 17 of 60
In a recent security incident, your organization detected a suspicious process running on several endpoints. To determine if this is an actual threat, you decide to use MITRE ATT&CK to research potential attack techniques. Which MITRE ATT&CK tactic should you focus on to gain insight into how the threat actor might have gained a foothold in your environment?
Question 18 of 60
A security analyst has identified an intrusion in the organization’s network. The analyst wants to understand the attacker’s tactics, techniques, and procedures (TTPs) to improve their defense strategy. Which attack framework should the analyst use to analyze the intrusion and identify the TTPs?
Question 19 of 60
A security analyst has received an alert that a user account has been compromised and the attacker is attempting to escalate privileges on the network. What stage of the kill chain is this activity associated with?
Question 20 of 60
A company has recently been receiving phishing emails that are spoofing its own domain. The security team wants to conduct reputational threat research to determine if their domain has been listed on any blacklist due to previous malicious activities. Which of the following tools or techniques can the security team use for this purpose?
Question 21 of 60
A cybersecurity analyst has detected unusual behavior on a company’s network. They suspect a malware infection but are not able to identify the type of malware. Which type of threat research would be MOST useful in this scenario?
Question 22 of 60
An organization is trying to prevent a ransomware attack and has identified certain indicators of compromise (IoCs) that are associated with known ransomware families. Which of the following would be most effective in utilizing these IoCs to protect against the threat?
Question 23 of 60
A security team has received an alert that a new vulnerability has been discovered in a commonly used software application. The team is responsible for prioritizing the patching of vulnerabilities based on the risk they pose to the organization. Which CVSS metric would be most relevant in this scenario?
Question 24 of 60
A company has identified its critical assets and potential attack vectors. What additional steps should the company take to improve its threat modeling and prepare for potential attacks?
Question 25 of 60
In a threat modeling exercise, which of the following best describes the ‘total attack surface’?
Question 26 of 60
In a threat modeling exercise, a security analyst is asked to identify the total attack surface of a new web application. Which of the following would be the most important factor to consider?
Question 27 of 60
In threat modeling, what does the term “attack vector” refer to?
Question 28 of 60
Which of the following is an example of threat intelligence that can be used in incident response?
Question 29 of 60
A company has implemented a vulnerability management program and is using threat intelligence to identify potential threats. Which of the following is an example of utilizing threat intelligence to support vulnerability management?
Question 30 of 60
In a large organization, the security operations center (SOC) team is responsible for monitoring the network and detecting potential threats. A security analyst has identified a suspicious IP address that is attempting to connect to a database server. The analyst uses threat intelligence to further investigate this IP address and discovers that it has been linked to several successful attacks against financial institutions in the past. What is the next step the analyst SHOULD take to support the detection and monitoring function?
Question 31 of 60
Which of the following is a disadvantage of active scanning for vulnerability identification?
Question 32 of 60
In which of the following scenarios is passive scanning preferred over active scanning for vulnerability identification?
Question 33 of 60
A security analyst is tasked with identifying vulnerabilities in a company’s network infrastructure. Which of the following activities involves mapping/enumeration to discover vulnerable systems?
Question 34 of 60
You are conducting a vulnerability scan of your organization’s network and come across a potential vulnerability in a web application that could lead to unauthorized access. You decide to investigate the issue further and perform a manual penetration test, which confirms the presence of the vulnerability. What type of result is this considered?
Question 35 of 60
A vulnerability scanning tool has identified a potential vulnerability in a server that hosts a critical application. The IT team responsible for managing the server has conducted a thorough investigation and determined that the identified vulnerability does not exist on the server. Which of the following best describes this situation?
Question 36 of 60
In the context of vulnerability management, which of the following is an example of a true negative?
Question 37 of 60
A security analyst is conducting a vulnerability scan on a system and the scan tool reported no vulnerabilities. However, the analyst later discovered that the system was actually vulnerable to an exploit that was used by an attacker to gain unauthorized access. Which of the following statements correctly describes the type of validation error in this scenario?
Question 38 of 60
A system administrator has been tasked with implementing a new security standard to ensure all systems are configured securely. What should be the first step in this process?
Question 39 of 60
An organization’s vulnerability scanning identified a critical vulnerability on a server that could allow an attacker to execute remote code. The IT team has determined that the server is running an outdated version of the operating system, which is the root cause of the vulnerability. What is the most effective remediation strategy?
Question 40 of 60
A network administrator discovered a vulnerability on a server that is running a critical application. The vulnerability is due to a configuration error that allows unauthenticated access to the application’s administrative console. What is the most effective remediation strategy?
Question 41 of 60
What is the best approach to reduce the risk associated with scanning activities?
Question 42 of 60
An organization wants to perform a vulnerability scan on its network to identify and remediate any issues. However, they are concerned about the security risks of providing credentials to the scanning tool. Which of the following best describes the difference between credentialed and non-credentialed scans?
Question 43 of 60
In a large enterprise environment with numerous servers and endpoints, the IT team is responsible for regularly scanning and patching vulnerabilities. Which remediation method is best suited for this scenario?
Question 44 of 60
A security analyst is tasked with remediating a vulnerability that was identified during a vulnerability scan. The vulnerability is located on a web server that hosts a critical business application. The remediation plan requires changes to the server’s configuration. Which remediation method is BEST suited for this scenario?
Question 45 of 60
A company has a database containing sensitive customer information, including social security numbers, credit card numbers, and home addresses. The company’s vulnerability scanner regularly scans the database, but the security team recently discovered that the scanner is not detecting vulnerabilities in the credit card number fields. What type of scanning parameter should the team adjust to ensure that these vulnerabilities are identified?
Question 46 of 60
Which of the following is an advantage of true negative results in vulnerability management?
Question 47 of 60
In a large organization, the vulnerability scanning team has been requested to perform a full network scan. The team has limited time to perform the scan due to tight deadlines. Which of the following scanning parameters would be most appropriate to use in this scenario?
Question 48 of 60
In a large enterprise environment, the vulnerability management team is performing a vulnerability scan on the company’s network. However, the intrusion prevention system (IPS) keeps blocking the scanning traffic and does not allow the vulnerability scanner to complete the scan. What is the BEST way to ensure successful completion of the vulnerability scan?
Question 49 of 60
A security analyst is conducting a vulnerability scan on a network protected by an intrusion detection system (IDS) and a firewall. During the scan, the IDS alerts on some of the scan traffic, but the firewall does not. What is the likely reason for this difference in behavior?
Question 50 of 60
In a large organization, a security analyst has discovered a critical vulnerability in a third-party software component used by the marketing department. However, the marketing department is reluctant to apply a patch to the software as it might cause instability in their applications. What could be a potential inhibitor to remediation in this scenario?
Question 51 of 60
A mobile application allows users to upload and share photos. An attacker can use this functionality to upload malicious images that contain hidden malware. What is the BEST control to mitigate this vulnerability?
Question 52 of 60
Which of the following is an effective control for mitigating a dereferencing vulnerability?
Question 53 of 60
A web application allows users to make purchases online. Each user has a unique account number associated with their profile, which they can access to view their purchase history. A hacker discovers that by changing the account number in the URL, they can view other users’ purchase history. What control should be implemented to mitigate this insecure object reference vulnerability?
Question 54 of 60
A company’s web application uses a shared resource to manage customer transactions. The application does not implement any locking mechanism, which causes race conditions. What is the best control to mitigate this vulnerability?
Question 55 of 60
A company has recently experienced several security incidents where attackers gained unauthorized access to sensitive data by exploiting vulnerabilities in their authentication system. The company wants to implement controls to mitigate these attacks. Which of the following controls would be MOST effective in preventing broken authentication vulnerabilities?
Question 56 of 60
A software developer is creating a web application that will be used by multiple departments within a company. The developer includes a third-party component to add functionality to the application. However, the security team discovers that the third-party component has a vulnerability that could allow attackers to bypass authentication and gain unauthorized access to sensitive data. What control can the security team implement to mitigate this vulnerability?
Question 57 of 60
A company has recently identified that its IT environment is vulnerable to the risk of insecure components due to the use of outdated and unsupported software. They want to implement controls to mitigate this risk. Which of the following measures should they take?
Question 58 of 60
A company recently purchased a new web application that is designed to run on a Linux server. The server was set up using default configurations, and the company’s IT team has noticed some security concerns. Which of the following actions could help mitigate the vulnerabilities associated with weak or default configurations?
Question 59 of 60
A software developer has written a new function for a web application using the strcpy function to copy data from one string to another. The developer is unaware of the security risks associated with the use of the strcpy function. Which control would be the most effective in mitigating the vulnerability of the application to attacks leveraging the use of insecure functions such as strcpy?
Question 60 of 60
A developer is coding a new application that requires a large amount of memory to store user input data. During testing, it is found that an attacker can overflow the heap and execute arbitrary code. Which of the following is the most effective control to mitigate this attack?