CPTIA 試験問題を無料オンラインアクセス

Sam works as an analyst in an organization named InfoTech Security. He was asked to collect information from various threat intelligence sources. In meeting the deadline, he forgot to verify the threat intelligence sources and used data from an open-source data provider, who offered it at a very low cost. Through it was beneficial at the initial stage but relying on such data providers can produce unreliable data and noise putting the organization network into risk.
What mistake Sam did that led to this situation?

• A.Sam used unreliable intelligence sources.
• B.Sam did not use the proper technology to use or consume the information.
• C.Sam did not use the proper standardization formats for representing threat data.
• D.Sam used data without context.

In which of the following forms of bulk data collection are large amounts of data first collected from multiple sources in multiple formats and then processed to achieve threat intelligence?

• A.Structured form
• B.Unstructured form
• C.Production form
• D.Hybrid form

Which of the following types of threat attribution deals with the identification of the specific person, society, or a country sponsoring a well-planned and executed intrusion or attack over its target?

• A.True attribution
• B.Nation-state attribution
• C.Campaign attribution
• D.Intrusion-set attribution

Enrage Tech Company hired Enrique, a security analyst, for performing threat intelligence analysis. While performing data collection process, he used a counterintelligence mechanism where a recursive DNS server is employed to perform interserver DNS communication and when a request is generated from any name server to the recursive DNS server, the recursive DNS servers log the responses that are received. Then it replicates the logged data and stores the data in the central database. Using these logs, he analyzed the malicious attempts that took place over DNS infrastructure.
Which of the following cyber counterintelligence (CCI) gathering technique has Enrique used for data collection?

• A.Data collection through DNS interrogation
• B.Data collection through dynamic DNS (DDNS)
• C.Data collection through passive DNS monitoring
• D.Data collection through DNS zone transfer

Which one of the following is the correct flow of the stages in an incident handling and response (IH&R) process?

• A.Preparation -* Incident recording -> Incident triage -* Containment -*#Eradication->Recovery-
  * Post-incident activities
• B.Incident triage -> Eradication -#Containment-* Incident recording-* Preparation-* Recovery-
  * Post-incident activities
• C.Incident recording -> Preparation -> Containment * Incident triage -> Recovery > Eradication -> Post- incident activities
• D.Containment -* Incident recording -* Incident triage -> Preparation -* Recovery -> Eradication -* Post-incident activities