Capital One Data Breach 2019

Questions and Answers

What was the main entry point used by hackers in the data breach mentioned?

• Unpatched vulnerability in Microsoft IIS
• Unpatched vulnerability in Apache Struts (correct)
• Unpatched vulnerability in Apache Tomcat
• Unpatched vulnerability in Nginx

How long did the hackers go undetected after gaining access to the corporate network?

• 45 days
• 60 days
• 76 days (correct)
• 30 days

What type of information did the hackers exfiltrate from the corporate network?

• Customer financial records
• Employee credentials (correct)
• Employee emails
• Corporate marketing materials

How much did Equifax pay in settlement as a result of the data breach?

$575 million (A)

What was Brian Krebs' response to Equifax's handling of the breach?

"A dumpster fire" (C)

What theory emerged due to the fact that none of the exfiltrated data were sold on the darknet?

A nation state was behind the breach (B)

What was the initial attack vector for the data exfiltration in the Capital One data breach?

Misconfigured Web Application Firewall (B)

Which of the following types of data was NOT compromised in the Capital One data breach?

Biometric data (B)

What is the key factor decision-makers use to determine whether to fix a risk?

The comparison between Y and X (C)

Who did the US charge with the data breach of stealing victims' data?

Chinese military officers (D)

Why might it not be financially worthwhile to eliminate a low-impact risk?

The cost of eliminating it exceeds the potential impact (C)

What did the Chinese government do in response to the accusations regarding the data breach?

Denied the accusations (D)

Why is resolving issues with a high impact considered worth the costs?

They can lead to significant losses (C)

What is the role of the AWS metadata service in the AWS environment?

Provides credentials to resources (D)

What is the purpose of risk management in a business?

To provide decision-makers with fact-based risk assessments (B)

Which layer of firewall is a Web Application Firewall (WAF) according to the text?

Layer 7 (A)

Why does a higher risk require more urgent attention and resources compared to a lower risk?

Higher risks have more severe consequences (D)

Which corporations were mentioned as victims of data exfiltration attacks in the text?

Facebook and Capital One (C)

What was the reason behind Capital One's $80 million fine?

Failure to identify and manage risks associated with cloud storage (B)

In the Facebook data breach discussed, what technique was used to harvest user data?

Scraping (B)

What type of information was extracted by malicious actors in the Facebook data breach?

User names and phone numbers (D)

What specific function on Facebook was abused in the 2019 data breach?

The search function (B)

Which scandal prompted Facebook to disable the feature that was abused in the 2019 data breach?

Cambridge Analytica scandal (C)

What was the method used by malicious actors to check if a Facebook profile matched a phone number?

Scraping technique (A)

What defines a cyber risk?

The combination of the likelihood of a threat occurring and its impact on an organization. (C)

What differentiates a cyber event from a non-cyber event?

Whether it occurs in cyberspace or not. (A)

How are cyber risks related to cyber threats?

Cyber risks originate from cyber threats and their likelihood of occurrence. (A)

Which factor is crucial in risk management according to the text?

Addressing both cyber risks and cyber threats. (B)

What is emphasized as the source of a risk in the text?

Potential harm to the organization. (C)

In relation to cyber risks, what is the significance of addressing cyber threats?

It assists in evaluating the likelihood of cyber risks affecting an organization. (B)