312-85 Tested and Approved Certified Threat Intelligence Analyst Study Materials [Q23-Q41]

October 27, 2022


312-85 Tested & Approved Certified Threat Intelligence Analyst Study Materials

Validate your Skills with Updated Certified Threat Intelligence Analyst Exam Questions & Answers and Test Engine

Question 23
Alice, a threat intelligence analyst at HiTech Cyber Solutions, wants to gather information for identifying emerging threats to the organization and implement essential techniques to protect its systems and networks from such attacks. Alice is searching for online sources to obtain information such as the method used to launch an attack, the techniques and tools used to perform an attack, and the procedures followed for covering the tracks after an attack.
Which of the following online sources should Alice use to gather such information?

 
 
 
 

Question 24
In which of the following forms of bulk data collection are large amounts of data first collected from multiple sources in multiple formats and then processed to achieve threat intelligence?

 
 
 
 

Question 25
Tyrion, a professional hacker, is targeting an organization to steal confidential information. He wants to perform website footprinting to obtain the following information, which is hidden in the web page header.
Connection status and content type
Accept-ranges and last-modified information
X-powered-by information
Web server in use and its version
Which of the following tools should Tyrion use to view header content?

 
 
 
 

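Question 26
Enrage Tech Company hired Enrique, a security analyst, to perform threat intelligence analysis. During the data collection process, he used a counterintelligence mechanism in which a recursive DNS server is employed to perform inter-server DNS communication, and when a request is generated from any name server to the recursive DNS server, the recursive DNS server logs the responses that are received. The logged data is then replicated and stored in a central database. Using these logs, he analyzed the malicious attempts that took place over the DNS infrastructure.
Which of the following cyber counterintelligence (CCI) gathering techniques did Enrique use for data collection?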

 
 
 
 

Question 27
Cybersol Technologies initiated a cyber-threat intelligence program with a team of threat intelligence analysts. During the process, the analysts started converting the raw data into useful information by applying various techniques, such as machine-based techniques and statistical methods.
In which of the following phases of the threat intelligence lifecycle is the threat intelligence team currently working?

 
 
 
 

Question 28
Jim works as a security analyst in a large multinational company. Recently, a group of hackers penetrated their organizational network and used a data staging technique to collect sensitive data. They collected all sorts of sensitive data about the employees and customers, business tactics of the organization, financial information, network infrastructure information, and so on.
What should Jim do to detect the data staging before the hackers exfiltrate it from the network?

 
 
 
 

Question 29
John, a professional hacker, is trying to perform an APT attack on the target organization's network. He gains access to a single system of the target organization and tries to obtain administrative login credentials to gain further access to the systems in the network using various techniques.
What phase of the advanced persistent threat lifecycle is John currently in?

 
 
 
 

Question 30
Henry, a threat intelligence analyst at ABC Inc., is working on a threat intelligence program. He was assigned to work on establishing criteria for prioritization of intelligence needs and requirements.
Which of the following considerations must be employed by Henry to prioritize intelligence requirements?

 
 
 
 

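Question 31
An analyst is performing threat intelligence analysis in a client organization. During the information gathering process, he gathered information from publicly available sources and analyzed it to obtain a rich, useful form of intelligence. The information source he used is mainly used for national security, law enforcement, and collecting intelligence required for business or strategic decision making.
Which of the following sources of intelligence did the analyst use to collect information?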

 
 
 
 

Question 32
In which of the following storage architectures is the data stored in a localized system, server, or storage hardware that is capable of storing a limited amount of data in its database and is locally available for data usage?

 
 
 
 

Question 33
Andrews and Sons Corp. has decided to share threat information among sharing partners. Garry, a threat analyst working in Andrews and Sons Corp., has been asked to follow a trust model necessary to establish trust between sharing partners. In the trust model used by him, the first organization makes use of a body of evidence in a second organization, and the level of trust between two organizations depends on the degree and quality of evidence provided by the first organization.
Which of the following types of trust model is used by Garry to establish the trust?

 
 
 
 

Question 34
Jian is a member of the security team at Trinity, Inc. He was conducting a real-time assessment of system activities in order to acquire threat intelligence feeds. He acquired feeds from sources like honeynets, P2P monitoring, infrastructure, and application logs.
Which of the following categories of threat intelligence feed was acquired by Jian?

 
 
 
 

Question 35
Kathy wants to ensure that she shares threat intelligence containing sensitive information with the appropriate audience. Hence, she used the traffic light protocol (TLP).
Which TLP color would signify that information should be shared only within a particular community?

 
 
 
 

Question 36
An analyst wants to disseminate the information effectively so that the consumers can acquire and benefit from the intelligence.
Which of the following criteria must an analyst consider in order to make the intelligence concise, to the point, accurate, and easily understandable and must consist of a right balance between tables, narrative, numbers, graphics, and multimedia?

 
 
 
 

Question 37
An organization suffered many major attacks and lost critical information, such as employee records and financial information. Therefore, the management decides to hire a threat analyst to extract the strategic threat intelligence that provides high-level information regarding current cyber-security posture, threats, details on the financial impact of various cyber-activities, and so on.
Which of the following sources will help the analyst to collect the required intelligence?

 
 
 
 

Question 38
Miley, an analyst, wants to reduce the amount of collected data and make the storing and sharing process easy. She uses filtering, tagging, and queuing techniques to sort out the relevant and structured data from the large amounts of unstructured data.
Which of the following techniques was employed by Miley?

 
 
 
 

Question 39
SecurityTech Inc. is developing a TI plan where it can gain more advantages with fewer funds. In the process of selecting a TI platform, it wants to incorporate a feature that ranks elements such as intelligence sources, threat actors, attacks, and digital assets of the organization, so that it can put more funds toward the resources which are critical for the organization’s security.
Which of the following key features should SecurityTech Inc. consider in their TI plan for selecting the TI platform?

 
 
 
 

Question 40
Moses, a threat intelligence analyst at InfoTec Inc., wants to find crucial information about the potential threats the organization is facing by using advanced Google search operators. He wants to identify whether any fake websites are hosted at a URL similar to the organization’s URL.
Which of the following Google search queries should Moses use?

 
 
 
 

Question 41
Bob, a threat analyst, works in an organization named TechTop. He was asked to collect intelligence to fulfil the needs and requirements of the Red Team present within the organization.
Which of the following are the needs of a Red Team?

 
 
 
 

ECCouncil 312-85 Exam Syllabus Topics:

Topic Details
Topic 1
  • Understanding Organization’s Current Threat Landscape
  • Reviewing Threat Intelligence Program
Topic 2
  • Overview of Fine-Tuning Threat Analysis
  • Understanding Threat Intelligence Evaluation
Topic 3
  • Overview of Threat Intelligence Integration
  • Overview of Threat Intelligence Reports
Topic 4
  • Understanding Threat Intelligence Data Collection and Acquisition
  • Overview of Threat Intelligence Collection Management
Topic 5
  • Overview of Threat Intelligence Lifecycle and Frameworks
  • Introduction to Threat Intelligence
Topic 6
  • Cyber Threats and Kill Chain Methodology
  • Understanding Cyber Kill Chain
Topic 7
  • Understanding Indicators of Compromise
  • Understanding Advanced Persistent Threats
Topic 8
  • Overview of Threat Intelligence Sharing
  • Requirements, Planning, Direction, and Review
Topic 9
  • Understanding Cyber Threat Intelligence
  • Understanding Intelligence
Topic 10
  • Understanding Requirements Analysis
  • Building a Threat Intelligence Team

 

312-85 [Oct-2022 Newly Released] 312-85 Exam Questions For You To Pass: https://www.topexamcollection.com/312-85-vce-collection.html

         
