lesson2
2A
以下哪一項會被評估其可能性和影響:弱點、威脅還是風險?
Which of the following would be assessed by likelihood and impact: vulnerability, threat, or risk?
Ans:風險(風險是威脅利用弱點的可能性和其可能產生的影響的結合)
是非題?國家行為者主要只對其他國家構成風險。
True or false? Nation state actors primarily only pose a risk to other states.
Ans:錯,還有企業、個人...
你收到一封郵件,其中包含一個顯示在你的應用伺服器上的命令提示字元的截圖。郵件建議你與駭客合作一天,以修補這個弱點。你應該如何將這個威脅分類?
You receive an email with a screenshot showing a command prompt at one of your application servers. The email suggests you engage the hacker for a day's consultancy to patch the vulnerability. How should you categorize this threat?
Ans:
哪種類型的威脅行為者主要是出於對社會變革的渴望?
Which type of threat actor is primarily motivated by the desire for social change?
Ans:駭客活動主義者(Hacktivist)
哪三種威脅行為者最有可能獲得高水平的資金支持?
Which three types of threat actor are most likely to have high levels of funding?
Ans:犯罪集團、國家行為
你正在協助為一家小公司編寫攻擊面評估報告。根據CompTIA大綱,以下報告中的哪兩種潛在攻擊向量被省略了?直接存取、電子郵件、遠程和無線、網絡和社交媒體、雲。
You are assisting with writing an attack surface assessment report for a small company. Following the CompTIA syllabus, which two potential attack vectors have been omitted from the following headings in the report? Direct access, Email, Remote and wireless, Web and social media, Cloud.
Ans:存取控制
2B
你正在為一家電子投票機供應商提供威脅情報解決方案的諮詢。哪種類型的威脅情報來源會以最低的成本提供最相關的信息?
You are consulting on threat intelligence solutions for a supplier of electronic voting machines. What type of threat intelligence source would produce the most relevant information at the lowest cost?
Ans:開放源碼情報(OSINT)
你的首席執行官想知道公司的威脅情報平台是否有效利用了OSINT。什麼是OSINT?
Your CEO wants to know if the company's threat intelligence platform makes effective use of OSINT. What is OSINT?
Ans:OSINT,公開來源情報是從公開來源收集到的情報 。在情報機構來看,「公開」是指公然展示的、公眾可見的來源。 它與開源軟體或群體智慧型無關。
你正在評估是否加入AIS。AIS 是什麼,你的安全信息與事件管理(SIEM)應支持哪種協議以連接到AIS伺服器?
You are assessing whether to join AIS. What is AIS and what protocol should your SIEM support in order to connect to AIS servers?
Ans: 應支持 STIX(Structured Threat Information eXpression) 協議,因為STIX是一種用於表示和交換威脅情報的標準格式。