1 What type of security testing uses scenarios to mimic attackers?
A. Intelligence-led
B. Security Testing None of the listed choices is correct.
C. Simulated Attacks
D. Scenario-based Testing correct answers A
2 Who coined the terms "unknown unknowns" and "known unknowns?"
A. Presiden...
1 What type of security testing uses scenarios to mimic attackers?
A. Intelligence-led
B. Security Testing None of the listed choices is correct.
C. Simulated Attacks
D. Scenario-based Testing correct answers A
2 Who coined the terms "unknown unknowns" and "known unknowns?"
A. President George W. Bush
B. Senator Claire McCaskill
C. Secretary of Defense Robert McNamara
D. Secretary of Defense Donald Rumsfeld correct answers D
3 What is the defining characteristic of a risk?
A. loss or harm
B. impact on assets
C. None of the listed choices is correct.
D. uncertainty of an adverse event correct answers D
4 What is the main purpose of the Cyber Threat Intelligence process?
A. to make an organization aware of existing and emerging threats
B. None of the listed choices is correct.
C. to uncover unknown threats before they cause damage to an asset or data
D. to feed information into the organization's decision making processes correct
answers A
5 What is the primary goal of an Advanced Persistent Threat?
A. None of the listed choices is correct.
B. stealthy theft of information
C. gain control of IT systems and subvert their operations
D. hidden damage to IT systems correct answers B
6 How can Cyber Threat Intelligence be used to combat data loss?
A. None of the listed choices is correct.
B. by identifying data leaks
C. by exposing data sources
D. by differentiating between public and private data correct answers B
7 Which of the following is an outcome of extracting intelligence from information and
data?
A. None of the listed choices is correct.
B. production of interpreted information that supports decision making
,C. risk reduction
D. improvement in security controls implementations correct answers B
8 Which stage of the Threat Intelligence Maturity Model is characterized as "increasing
CTI Capabilities?"
A. Maturity Level 3
B. Maturity Level 2
C. Maturity Level 0
D. Maturity Level 4 correct answers B
9 Which of the following are examples of unstructured data?
A. encrypted information
B. images, video, and audio
C. numbers and strings of digits
D. string of characters and readable text correct answers B
10 What is the first stage or phase of the Threat Intelligence Lifecycle?
A. Planning and Direction
B. Dissemination and Integration
C. Collection
D. Analysis and Production correct answers A
11 What is information?
A. processed data that has meaning and context
B. a state that data goes through before becoming intelligence
C. data that was refined using processing rules
D. None of the listed choices is correct. correct answers A
12 Intelligence is_____.
A. structured data and information.
B. the output of an analysis process
C. the output of processing data.
D. highly refined data. correct answers B
13 A/an ____ is the existence of a weakness which can lead to an unexpected event
which compromises the security of a system.
A. None of the listed choices is correct.
B. threat
C. vulnerability
D. exploit correct answers C
14 Which of the following teams can benefit from having access to Cyber Threat
Intelligence?
A. SIEM Management Team
B. Forensics Team
C. Incident Response Teams
,D. All listed choices are correct. correct answers D
15 The collection and analysis of information about threats is referred to as ____.
A. None of the listed choices is correct.
B. Data Analytics
C. Cyber Threat Intelligence
D. Risk Assessment correct answers C
16 Which of the following is a business benefit of cyber threat intelligence?
A. Reduction in costs of defending against attacks
B. Loss prevention
C. Insight into probability of risks and their impacts on the business
D. None of the listed choices are correct correct answers C
17 Which of the following can provided detailed intelligence reports?
A. Threat Intelligence Frameworks
B. None of the listed choices are correct.
C. Threat Intelligence Maturity Model
D. Threat Intelligence Strategy correct answers A
18 Which of the following characteristics of a Threat Intelligence Solution will assist in
the management of SIEM capabilities?
A. Automate Data Collection Process
B. Enhance Patch Management
C. Provide Informed Analysis and Prediction
D. Integrate with Security Controls correct answers D
19 What is the primary purpose of the Intelligence and Collection Planning process?
A. to prevent intelligence failures
B. None of the listed choices are correct.
C. to develop a well planned approach to prevent poor results
D. to ensure resources are properly allocated correct answers C
20 A/an ____ is a breach of a system which takes advantage of a ____.
A. vulnerability ... exploit
B. None of the listed choices are correct.
C. threat ... Loophole
D. exploit ... vulnerability correct answers D
21 A/an _____ is a potential occurrence of a/an ___ event which can eventually cause
harm or loss.
A. None of the listed choices are correct.
B. vulnerability ... unpredictable
C. attack ... risk
D. threat ... undesired correct answers D
, 22 Which of the following is an OPEN threat intelligence framework (as opposed to a
closed or proprietary framework)?
A. TC Complete
B. YETI
C. CrowdStrike
D. NormShield correct answers B
23 Why does a business need to audit information being sent over its networks?
A. to provide required services to customers
B. to identify illicit information and track its source
C. to meet strict compliance requirements
D. to assist in reaching customers easily correct answers C
24 How does intelligence-led security testing differ from normal methods of security
testing for IT systems?
A. intelligence is used to speed up testing by reducing duplicate or irrelevant test cases
B. contextual intelligence is used to guide how tests are designed and conducted
C. security professionals are replaced by intelligence analysts who design the tests and
test cases.
D. None of the listed choices are correct. correct answers B
25 Which Threat Intelligence Strategy can be used to estimate and plan for the future?
A. Intelligence Buy-in
B. Threat Reports
C. Threat Intelligence Requirement Analysis
D. Threat Trending correct answers D
26 How does cyber threat intelligence help businesses defend their assets and data?
A. by converting unknown unknowns into known knowns
B. by converting unknown threats into known threats
C. by identifying vulnerable assets and mediating risks
D. None of the listed choices are correct. correct answers B
27 Cyber Threat Intelligence can help identify which of the following?
A. Attacker techniques
B. Adversary tactics
C. All listed choices are correct.
D. Procedures for possible attacks correct answers C
28 In the context of Asset Identification, which of the following are non-physical assets?
A. All listed choices are correct.
B. operating system software
C. applications
D. databases correct answers A
29 What is the relationship between cyber threat intelligence and risks?
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller HopeJewels. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $15.99. You're not tied to anything after your purchase.
