19 Questions
What is the purpose of Persistence in a cyberattack?
Ensuring ongoing access to compromised assets
Which of the following is NOT a stage in the Cyber Kill Chain according to the text?
Analysis
What is a recommended method to control software execution as mentioned in the text?
Use application whitelisting to permit only authorized software
What is the main goal of an attacker during an attack according to the text?
Steal sensitive documents and data
What is recommended to ensure the highest level of data security as mentioned in the text?
Provide least privileged access to sensitive data
What is the primary purpose of the ATT&CK framework developed by MITRE?
To provide a comprehensive taxonomy of attacker tactics and techniques
According to the passage, how can an attacker obtain a user's accidentally typed passwords?
By reading the user's .bash_history file
What is the primary reason why small or non-sensitive organizations may still be targeted by attackers?
They can be used as a stepping stone to attack larger targets
What type of security measure is the ATT&CK framework designed to help defend against?
Application whitelisting
What is the primary goal of the least privilege concept in cybersecurity?
To prevent unauthorized access to sensitive systems and data
Which stage of the Cyber Kill Chain is associated with an attacker maintaining access to a compromised system?
Persistence
What is the primary purpose of application whitelisting in cybersecurity?
To block all unauthorized applications from running
Which of the following is an example of a zero trust security principle?
Requiring multi-factor authentication for sensitive operations
What is a common goal of cyberattacks that involve data exfiltration?
To harvest sensitive data for malicious purposes
Which of the following is the MOST accurate description of an 'insider threat' as discussed in the text?
An employee who has been granted special or privileged access to data and can now cause harm maliciously or unintentionally.
What is the primary goal of an 'insider threat' as described in the text?
To disrupt the reliability and security of the system.
Which of the following is the BEST way to mitigate the risks posed by an 'insider threat' as described in the text?
Provide the third-party developer with the minimum necessary access privileges to perform their tasks.
Which of the following is an example of an 'extended insider' as described in the text?
A trusted third-party vendor who has been granted privileged access to the organization's data and systems.
What is the MAIN implication of the blurred lines between 'workplace' and 'home' as discussed in the text?
Insider threats are more difficult to detect and mitigate when the 'workplace' extends beyond the traditional office environment.
Learn about how MITRE's ATT&CK framework expands the cyber kill chain into detailed steps, providing formal descriptions of each stage of an attack. Explore examples like credential access and how attackers could obtain passwords from a user's .bash_history file.