31. What discoveries are made while decomposing an application during a PASTA threat model? Select two answers.

  • The types of threats that can be used to compromise data
  • Which vulnerabilities can put data at risk
  • How data travels from users to an organization’s database
  • Which controls are in place to protect data along the way

32. What is the most common form of social engineering used by attackers?

  • Ransomware
  • Malware
  • Phishing
  • Adware

33. Which of the following are common signs that a computer is infected with cryptojacking software? Select three answers.

  • Increased CPU usage
  • Sudden system crashes
  • Unusually high electricity costs
  • Modified or deleted files

34. A hacktivist group gained access to the website of a utility company. The group bypassed the site’s login page by inserting malicious code that granted them access to customer accounts to clear their debts.

What type of attack did the hacktivist group perform?

  • Spyware
  • Watering hole
  • Quid pro quo
  • Injection

35. Which stage of the PASTA framework is related to identifying the application components that must be evaluated?

  • Perform a vulnerability analysis
  • Decompose the application
  • Define the technical scope
  • Conduct attack modeling

36. A threat actor tricked a new employee into sharing information about a senior executive over the phone.

This is an example of what kind of attack?

  • Malware
  • Social engineering
  • Pretexting
  • Phishing

Leave a Reply