Question 1

Malware essentially Codifies the malicious activities intended by an attacker and can be analyzed using the Cyber Kill Chain Model which represents ( iterations of ) steps typically involved in a cybersttack. What is the first step in the Cyber Kill Chain Model that Cyber Attackers Follow ?

Options :

A : Establishing a command-and-control channel for attackers to remotely commander the victims system

B : Reconnaissance is the 1st step where an attacker identifies or attracts the potential targets by scanning

C : Exploiting a vunerability and executing malicious code on the victims system

D : The 1st Step is to gain access to the targets by sending crafted input to trigger a vunerability

Answer: B

Question 2

Component-driven methods are good for

Options :

A : Bringing together multiple stakeholders views of what a system should and should not do

B : Exploiting security breaches which emerge out of the complex interactions of many parts og your system

C :

Establishing system security requirements before you have decided on the system is exact physical design

D : Analysing the risks faced by individuals technical components

Answer: D

Question 3

_______ allows scholars, engineers, auditors, and regulators to examine how security controls operate to ensure their correctness, or identify flaws, without undermining their security.

Options :

A : Least common mechanism

B : Open design

C : Least privilege

D : Least access

Answer: B

Question 4

Which principle states that controls need to define and enable operations that can positively be identified as being in accordance with a security policy and reject all others ?

Options :

A :

Penestration testing

B :

Complete Mediation

C : Open Design

D : Fail Safe Defaults

Answer: D

Question 5

One of the main benefits of analyzing the malware structure that may include the libraries and toolkits and coding techniques, we may find some important data that is possibly helpful to attribution.

Options :

A : Which means being able to identify the likely author and operator

B : To understand what damage can be done due to the malware program

C : To be able to know the amount of data that has been lost or corrupted

D : Both B and C are correct, and A is incorrect

Answer: A