21. What should security teams do after identifying threats, according to the threat modeling process? Select two answers.

Answers

22. During which stage of the PASTA framework is an attack tree created?

Answers

23. Fill in the blank: The four stages of a social engineering attack are to prepare, _____, use persuasion tactics, and disconnect from the target.

Answers

24. Fill in the blank: _____ uses text messages to manipulate targets into sharing sensitive information.

Answers

25. Which of the following are not types of malware? Select two answers.

Answers

26. A member of a government agency is tricked into installing a virus on their workstation. The virus gave a criminal group access to confidential information. The attackers threaten to leak the agency's data to the public unless they pay $31,337.

What type of attack is this an example of?

Answers

27. What is malicious code that is inserted into a vulnerable application called?

Answers

28. An attacker injected malware on a server. When a user visits a website hosted by the server, their device gets infected with the malware.

This is an example of what type of injection attack?

Answers

Shuffle Q/A 3

29. Which of the following are areas of a website that are vulnerable to SQL injection? Select two answers.

Answers

30. A security team is conducting a threat model on a new software system. They are determining whether risks can be transferred, reduced, or accepted.

Which key step of a threat model does this scenario represent?

Answers

21. What should security teams do after identifying threats, according to the threat modeling process? Select two answers.

22. During which stage of the PASTA framework is an attack tree created?

23. Fill in the blank: The four stages of a social engineering attack are to prepare, _____, use persuasion tactics, and disconnect from the target.

24. Fill in the blank: _____ uses text messages to manipulate targets into sharing sensitive information.

25. Which of the following are not types of malware? Select two answers.

26. A member of a government agency is tricked into installing a virus on their workstation. The virus gave a criminal group access to confidential information. The attackers threaten to leak the agency's data to the public unless they pay $31,337.What type of attack is this an example of?

27. What is malicious code that is inserted into a vulnerable application called?

28. An attacker injected malware on a server. When a user visits a website hosted by the server, their device gets infected with the malware.This is an example of what type of injection attack?

Shuffle Q/A 3

29. Which of the following are areas of a website that are vulnerable to SQL injection? Select two answers.

30. A security team is conducting a threat model on a new software system. They are determining whether risks can be transferred, reduced, or accepted.Which key step of a threat model does this scenario represent?

26. A member of a government agency is tricked into installing a virus on their workstation. The virus gave a criminal group access to confidential information. The attackers threaten to leak the agency's data to the public unless they pay $31,337.

What type of attack is this an example of?

28. An attacker injected malware on a server. When a user visits a website hosted by the server, their device gets infected with the malware.

This is an example of what type of injection attack?

30. A security team is conducting a threat model on a new software system. They are determining whether risks can be transferred, reduced, or accepted.

Which key step of a threat model does this scenario represent?