Quizalize logo
placeholder image to represent content

Sec+ CH2

Quiz by cool

Feel free to use or edit a copy

includes Teacher and Student dashboards

Measure skills
from any curriculum

Tag the questions with any skills you have. Your dashboard will track each student's mastery of each skill.

With a free account, teachers can
  • edit the questions
  • save a copy for later
  • start a class game
  • automatically assign follow-up activities based on students’ scores
  • assign as homework
  • share a link with colleagues
  • print as a bubble sheet

Our brand new solo games combine with your quiz, on the same screen

Correct quiz answers unlock more play!

New Quizalize solo game modes
20 questions
Show answers
  • Q1

    Which of the following measures is not commonly used to assess thereat intelligence?

    Timeliness

    Relevance 

    Accuracy 

    Detail

    30s
  • Q2

    What language is STIX based on?

    HTML

    PHP

    XML

    Python 

    30s
  • Q3

    Kolin is a penetration tester who works for a cybersecurity company. His firm was hired to conduct a penetration test against a health-care system, and Kolin is working to gain access to the system belonging to a hospital in that system. What term best describes Kolin's work?

    Green hat 

    Gray hat 

    White hat 

    Black hat 

    30s
  • Q4

    Which one of the following attackers is most likely to be associated with an APT?

    Insider 

    Script kiddie 

    Hacktivist

    Nation-state actor 

    30s
  • Q5

    What organizations did the U.S. government help create to help share knowledge between organizations in specific verticals?

    SANS

    ISACs

    DHS

    CERTS

    30s
  • Q6

    Which of the following threat actors typically has the greatest access to resources?

    Nation-state actors 

    Insider threats 

    Organized crime

    Hacktivists 

    30s
  • Q7

    of the threat vectors listed here, which one is most commonly exploited by attackers who are at a distant location?

    Wireless 

    Direct access 

    Email

    Removable media 

    30s
  • Q8

    Which one of the following is the best example of a hacktivist group?

    Anonymous 

    Chinese military

    Russian mafia 

    U.S. government 

    30s
  • Q9

    What type of assessment is particularly useful for identifying insider threat?

    Behavioral 

    Habitual 

    Instinctual 

    IOCs

    30s
  • Q10

    Cindy wants to send threat information via a standardized protocol specifically designed to exchange cyber threat information. What should she choose? 

    OpenIOC 

    STIX 1.0

    STIX 2.0

    TAX II

    30s
  • Q11

    Greg believes that an attacker may have installed malicious firmware in a network device before it was provided to his organization by the supplier. What type of threat vector best describes this attack?

    Supply chain 

    Direct access

    Removable media 

    Cloud 

    30s
  • Q12

    Ken is conducting threat research on Transport Layer Security (TLS) and would like to consult the authoritative reference for the protocol's technical specification. What resource would best meet his needs?

    Subject matter experts 

    Academic journal 

    Textbooks 

    Internet RFCs 

    30s
  • Q13

    Wendy is scanning cloud-based repositories for sensitive information. Which one of the following should concern her most, if discovered in a public repository? 

    API keys 

    Open source data 

    Product manuals 

    Source code 

    30s
  • Q14

    which one of the following threat research tools is used to visually display information about the location of threat actors?

    Predictive analysis 

    STIX 

    Threat map 

    Vulnerability feed 

    30s
  • Q15

    Vince recently received the hash values of malicious software that several other firms in his industry found installed on their systems after a compromise. What term best describes this information?

    RFC

    TTP 

    IoC 

    Vulnerability feed 

    30s

Teachers give this quiz to your class