Energy and Water Grid Vulnerabilities in Army Installations

Questions and Answers

PDF Questions PDF Answers

What is the purpose of the PCI-DSS security standard?

To enforce security measures for government websites

To regulate the cryptocurrency market

To develop open-source maps of critical infrastructure

To reduce the risk of data breaches in commercial businesses (correct)

Which organizations came together to enact standards and best practices for storing and accessing credit card information?

Apple, Google, Amazon, and Microsoft

Visa, Mastercard, American Express, Discover, and the Japan Credit Bureau (JCB) (correct)

Bitcoin, Ethereum, Ripple, and Litecoin

Facebook, Twitter, Instagram, and LinkedIn

What percentage of State, Local, Tribal, and Tribunal (SLTT) government ransomware incidents reported in the United States were identified as LockBit attacks in 2022?

32%

16% (correct)

5%

25%

What did Sarah Beth Clendaniel and Brandon Clint Russell conspire to carry out?

Attacks against critical infrastructure, specifically electrical substations

Which threat actor is active globally with the mission of espionage, vulnerability assessment, and information gathering?

Volt Typhoon

When was LockBit ransomware the most widely encountered?

In 2022 and 2023

What is the purpose of the Cyber Kill Chain methodology?

Applying it to network defense

What is the main focus of the indictment against Mikhail Pavlovich Matveev?

Conspiring to transmit ransom demands and damaging protected computers

'Joint Cybersecurity Advisory: Understanding Ransomware Threat Actors: LockBit' was released by which organization?

Microsoft Corporation’s Microsoft Threat Intelligence (MTI) team

The purpose of the PCI-DSS security standard is to reduce the risk associated with data breaches in commercial businesses.

True

LockBit was the most widely encountered ransomware in 2022 and is heavily found in 2023 as well.

True

Sarah Beth Clendaniel and Brandon Clint Russell were charged for conspiring to carry out attacks against critical infrastructure, specifically electrical substations.

True

The state-sponsored Chinese threat actor, Volt Typhoon, has been active globally since mid-2021 with the mission of espionage, vulnerability assessment, and information gathering.

True

The Lockheed Martin Cyber Kill Chain methodology is used in network defense.

True

The PCI-DSS security standard has been rolled out across various continents with incremental changes along the way since 2004.

True

LockBit ransomware incidents impacted a variety of organizations in the United States including municipal governments, county governments, public higher education and K-12 schools, and emergency services.

True

The credit card companies that came together to enact standards and best practices for storing and accessing credit card information include Visa, Mastercard, American Express, Discover, and the Japan Credit Bureau (JCB).

True

Many organizations in the commercial sector adhere to more than one framework for addressing security concerns.

True

The purpose of the PCI-DSS security standard is tailored to credit card companies and e-commerce specifically.

True

What is the purpose of the PCI-DSS security standard?

The purpose of the PCI-DSS security standard was to reduce the risk associated with data breaches in commercial businesses.

What was the most widely encountered ransomware in 2022 and 2023?

LockBit ransomware was the most widely encountered in 2022 and heavily found in 2023 as well.

Which threat actor is active globally with the mission of espionage, vulnerability assessment, and information gathering?

Volt Typhoon, a state-sponsored Chinese threat actor, is active globally with the mission of espionage, vulnerability assessment, and information gathering.

What did Sarah Beth Clendaniel and Brandon Clint Russell conspire to carry out?

Sarah Beth Clendaniel and Brandon Clint Russell conspired to carry out attacks against critical infrastructure, specifically electrical substations.

What percentage of State, Local, Tribal, and Tribunal (SLTT) government ransomware incidents reported in the United States were identified as LockBit attacks in 2022?

16% of the State, Local, Tribal, and Tribunal (SLTT) government ransomware incidents reported in the United States were identified as LockBit attacks in 2022.