![placeholder image to represent content](/_next/image?url=%2Fassets%2Fquiz_default_logo.jpg&w=256&q=75)
Sec+ CH2
Quiz by cool
Feel free to use or edit a copy
includes Teacher and Student dashboards
Measure skillsfrom any curriculum
Tag the questions with any skills you have. Your dashboard will track each student's mastery of each skill.
- edit the questions
- save a copy for later
- start a class game
- automatically assign follow-up activities based on students’ scores
- assign as homework
- share a link with colleagues
- print as a bubble sheet
- Q1
Which of the following measures is not commonly used to assess thereat intelligence?
Timeliness
Relevance
Accuracy
Detail
30s - Q2
What language is STIX based on?
HTML
PHP
XML
Python
30s - Q3
Kolin is a penetration tester who works for a cybersecurity company. His firm was hired to conduct a penetration test against a health-care system, and Kolin is working to gain access to the system belonging to a hospital in that system. What term best describes Kolin's work?
Green hat
Gray hat
White hat
Black hat
30s - Q4
Which one of the following attackers is most likely to be associated with an APT?
Insider
Script kiddie
Hacktivist
Nation-state actor
30s - Q5
What organizations did the U.S. government help create to help share knowledge between organizations in specific verticals?
SANS
ISACs
DHS
CERTS
30s - Q6
Which of the following threat actors typically has the greatest access to resources?
Nation-state actors
Insider threats
Organized crime
Hacktivists
30s - Q7
of the threat vectors listed here, which one is most commonly exploited by attackers who are at a distant location?
Wireless
Direct access
Email
Removable media
30s - Q8
Which one of the following is the best example of a hacktivist group?
Anonymous
Chinese military
Russian mafia
U.S. government
30s - Q9
What type of assessment is particularly useful for identifying insider threat?
Behavioral
Habitual
Instinctual
IOCs
30s - Q10
Cindy wants to send threat information via a standardized protocol specifically designed to exchange cyber threat information. What should she choose?
OpenIOC
STIX 1.0
STIX 2.0
TAX II
30s - Q11
Greg believes that an attacker may have installed malicious firmware in a network device before it was provided to his organization by the supplier. What type of threat vector best describes this attack?
Supply chain
Direct access
Removable media
Cloud
30s - Q12
Ken is conducting threat research on Transport Layer Security (TLS) and would like to consult the authoritative reference for the protocol's technical specification. What resource would best meet his needs?
Subject matter experts
Academic journal
Textbooks
Internet RFCs
30s - Q13
Wendy is scanning cloud-based repositories for sensitive information. Which one of the following should concern her most, if discovered in a public repository?
API keys
Open source data
Product manuals
Source code
30s - Q14
which one of the following threat research tools is used to visually display information about the location of threat actors?
Predictive analysis
STIX
Threat map
Vulnerability feed
30s - Q15
Vince recently received the hash values of malicious software that several other firms in his industry found installed on their systems after a compromise. What term best describes this information?
RFC
TTP
IoC
Vulnerability feed
30s