Which of three (3) these approaches could be used by hackers as part of a Business Email Compromise attack?1 pointAccount compromiseCEO Fraud, where CEO sends email to an employeeAttorney impersonationRequest to make a payment9.Question 9Which type of actor was not one of the four types of actors mentioned in the video A brief overview of types of actors and their motives?1 pointHactivistsGovernmentsHackersInternalBlack Hats10.Question 10A political motivation is often attributed to which type of actor?1 pointHackersHactivistSecurity AnalystsInternal

1.Question 1A hacker gained access to a network through malicious email attachments. Which one of these is important when talking about methods that allow a hacker to gain this access? 1 pointAn ACLAn attack surfaceA 0-dayAn attack vector2.Question 2Which of these host-based firewall rules help to permit network access from a Virtual Private Network (VPN) subnet? 1 pointSecure Shell (SSH)Access Control Lists (ACLs)Active DirectoryGroup Policy Objects (GPOs)3.Question 3A network security analyst received an alert about a potential malware threat on a user’s computer. What can the analyst review to get detailed information about this compromise? Select all that apply. 1 pointFull disk encryption (FDE)Logs Binary whitelisting softwareSecurity Information and Event Management (SIEM) system 4.Question 4Which of these plays an important role in keeping attack traffic off your systems and helps to protect users? Select all that apply. 1 pointAntivirus softwareFull disk encryption (FDE)Multiple Attack VectorsAntimalware measures5.Question 5What can provide resilience against data theft, and can prevent an attacker from stealing confidential information from a hard drive that was stolen? 1 pointKey escrow Full disk encryption (FDE)OS upgrades Software patch management 6.Question 6What is the purpose of installing updates on your computer? Select all that apply. 1 pointUpdating addresses security vulnerabilitiesUpdating improves performance and stabilityUpdating helps block all unwanted trafficUpdating adds new features7.Question 7How can software management tools like Microsoft SCCM help an IT professional manage a fleet of systems? Select all that apply 1 pointForce update installation after a specified deadlineDetect and prevent malware on managed devices Analyze installed software across multiple computersConfirm update installation 8.Question 8What is the best way to avoid personal, one-off software installation requests? 1 pointAn application honor code policyA clear application whitelist policyA strict no-installation policyAn accept-all application policy9.Question 9While antivirus software operates using a ______, binary whitelisting software uses a whitelist instead. 1 pointSecure listBlacklistGreylist Whitelist 10.Question 10Why is it important to disable unnecessary components of software and systems?1 pointLess complexity means less vulnerability. Less complexity means less time required. Less complexity means less expensive. Less complexity means less work..

1.Question 1The best way to describe hacking is as a single effort or activity conducted quickly and effortlessly by the threat actor.1 pointTrueFalse2.Question 2Spear phishing is a tactic in which part of the Lockheed Martin Attack Kill Chain Model?1 pointDeliveryReconnaissanceWeaponizationInstallationCommand and Control3.Question 3Investigating the organizational chart of a target is part of which phase of the Lockheed Martin Attack Kill Chain Model?1 pointDeliveryReconnaissanceWeaponizationInstallationCommand and Control4.Question 4IT System Administrators often can easily identify who attackers are and submit their identities to law enforcement for prosecution.1 pointTrueFalse5.Question 5The phase of the hacking process where a threat actor’s code is executed onto a victim’s device is called:1 pointDeliveryReconnaissanceExploitationInstallationCommand and Control6.Question 6Writing an exploit to leverage a vulnerability in the windows 10 operating system would be included in which phase of the Lockheed Martin Cyber Kill Chain?1 pointDeliveryReconnaissanceWeaponizationInstallationCommand and Control7.Question 7The use of _______ often makes it difficult for victims of cyber-attack to identify the threat actor involved.1 pointsocial mediaIXPproxy serversISProuters8.Question 8Attribution can be difficult for victims of cyber attack primarily due to: 1 pointThe difficulty for IT workers to work with technology in their own networkThe interplay between proxies, encryption, and threat actors hiding in plain network trafficThe difficulty of security organizations to communicate with one anotherThe generally slow nature of government response to cyber attackNone of the Above

Question 1Identify the type of insiders who are uneducated on the latest potential security threats or simply bypass general security procedures to achieve workplace efficiency. 1 pointMalicious insider Negligent insider Compromised Insider Professional insider 2.Question 2Dennis, an employee experiencing conflict with the management of an organization, uses steganography programs to hide company secrets. He sends this information to competitors, for certain financial benefits, as an innocuous-looking message embedding company secrets in a picture via his official email account.Identify the type of insider attack performed by Dennis in the above scenario. 1 pointThird parties Accident-prone employees Undertrained staff Disgruntled employees

A hacker successfully gains access to a corporate network by tricking an employee into clicking on a malicious link in a phishing email. The hacker then proceeds to steal sensitive financial information. Which type of hacker best fits this description?1.0 MarksBlack hat hackerGrey hat hackerHacktivistScript kiddieWhite hat hacker

1.Question 1Fill in the blank: The four stages of a social engineering attack are to prepare, _____, use persuasion tactics, and disconnect from the target.1 pointperform open-box testingestablish trustdistribute malicious emailobtain access credentials