Module 02: Utilizing Threat Data and Intelligence - Comprehensive Flashcards


Last updated 9:09 AM on 4/22/26
20 Terms

1
Which type of hacker attempts to probe a system with an organization's permission for weaknesses and then privately report back to that organization?

a. Gray hat hackers

b. Black hat hackers

c. White hat hackers

d. Green hat hackers

White hat hackers

2
What is the name for malware that is sold by attackers to other attackers and can be customized?

a. Custom malware

b. Proprietary malware

c. Commodity malware

d. ATTACK malware

Commodity malware

3
Parvin is conducting research on hacktivists. Which of the following would she NOT find about hacktivists?

a. The name is a combination of the words "hack" and "activism."

b. Hacktivists proudly wear the name "hacktivist."

c. Hacktivists have defaced websites in order to make a political statement.

d. Disinformation campaigns are a favorite tactic of hacktivists.

Hacktivists proudly wear the name "hacktivist."

4
Which is not a category of threats based on the Johari window of cybersecurity threats?

a. Known knowns

b. Unknown unknowns

c. Unknown knowns

d. Knowns

Knowns

5
Which of the following is NOT correct about an Advanced Persistent Threat (APT)?

a. APTs are most commonly associated with nation-state actors.

b. APTs use innovative attack tools.

c. Once a system is infected by an APT, it silently extracts data over an extended period of time.

d. APTs require the use of SQL injection attacks.

APTs require the use of SQL injection attacks.

6
Which of the following is NOT a step of the intelligence cycle?

a. Analysis

b. Dissemination

c. Data processing

d. Collection

Data processing

7
Which phase of the intelligence cycle feeds back into the requirements phase?

a. Dissemination

b. Analysis

c. Financial

d. Feedback

Feedback

8
Shahnaz is researching security appliances and needs the devices to accept threat data and intelligence using a standard machine-readable open framework. Which technology would Shahnaz require to be a feature of the security appliance?

a. OpenIoC

b. XRML

c. SQL

d. NoSQL

OpenIoC

9
Which of the following enables the exchange of cyber threat indicators between parties through computer-to-computer communication?

a. AKI

b. PKI

c. AIS

d. TLP

AIS

10
Which of the following is a language and format used to exchange cyber threat intelligence?

a. TAXII

b. BRICK

c. STIX

d. FLOWII

STIX

11
Which of the following is NOT a source of threat intelligence?

a. Database vulnerability repositories (DVR)

b. File and code repositories

c. Dark web

d. Vulnerability databases

Database vulnerability repositories (DVR)

12
Which attack framework is a knowledge base of attacker techniques that have been broken down and contain classification in detail?

a. MITRE ATT&CK

b. Diamond Model of Intrusion Analysis

c. Cyber Kill Chain

d. AXITI

MITRE ATT&CK

13
Hyat has been asked to research the variables that are used as a basis for the Common Vulnerability Scoring System (CVSS). Which of the following is NOT a variable used in CVSS?

a. Access vector

b. Attack complexity

c. Time of attack

d. Confidentiality of data

Time of attack

14
What is threat modeling?

a. A proactive strategy for evaluating risks

b. Using CVS data as input into a threat engine

c. Using old threat intelligence data to create new threat intelligence data

d. A standard for assigning a qualitative label to a threat

A proactive strategy for evaluating risks

15
Which of the following components is the sum total of the number of different attack points?

a. Fault aggregation

b. Vulnerability platform

c. Total attack surface

d. Attack vector

Total attack surface

16
Which threat model has as its primary focus the developer?

a. MAGELLAN

b. STRIDE

c. Trike

d. PASTA

STRIDE

17
Which of the following is NOT correct about nation-state actors?

a. Governments are increasingly employing their own state-sponsored attackers.

b. The foes of nation-state actors are only foreign governments.

c. Nation-state actors are considered the deadliest of any threat actors.

d. These attackers are highly skilled and have deep resources.

The foes of nation-state actors are only foreign governments.

18
What is the name of attackers that sell their knowledge of a weakness to other attackers or to governments?

a. Trustees

b. Dealers

c. Investors

d. Brokers

Brokers

19
Which of the following categories describes a zero-day attack?

a. Known unknowns

b. Unknown knowns

c. Unknown unknowns

d. Known knowns

Unknown knowns

20
What is a KRI?

a. A metric of the upper and lower bounds of specific indicators of normal network activity

b. A measure of vulnerability applied to a DVSS

c. A level of IoC

d. A label applied to an XSS

A metric of the upper and lower bounds of specific indicators of normal network activity