Certified Threat Intelligence Analyst (CTIA) Quiz Questions and Answers
In which of the following attacks does the attacker exploit vulnerabilities in a computer application before the software developer can release a patch for them?
Answer :
Zero-day attack
Alice is a disgruntled employee of an organization. She decided to acquire critical information of the organization for some financial benefit. In order to achieve this, she started running a virtual machine on the same physical host as the victim’s virtual machine and took advantage of shared physical resources (processor cache) to steal data (cryptographic key/plain text secrets) from the victim machine. Identify the type of attack Alice is performing in the above scenario.
Answer :
Side channel attack
Which of the following terms refers to the personnel that the incident handling and response (IH&R) team must contact to report the incident and obtain the necessary permissions?
Answer :
Point of contact
Bonney’s system has been compromised by gruesome malware.
What is the primary step that is advisable to Bonney to contain the malware incident from spreading?
Answer :
Turn off the infected machine
Which of the following techniques prevent or mislead the incident-handling process and may also affect the collection, preservation, and identification phases of the forensic investigation process?
Answer :
Anti-forensics
Bonney’s system has been compromised by gruesome malware.
What is the primary step that is advisable to Bonney in order to contain the malware incident from spreading?
Answer :
Turn off the infected machine
Alison, an analyst in an XYZ organization, wants to retrieve information about a company’s website from the time of its inception as well as the removed information from the target website. What should Alison do to get the information he needs?
Answer :
Alison should use https://archive.org to extract the required website information.
Eric works as an incident handler in Erinol software systems. He was assigned a task to protect the organization from any kind of DoS/DDoS attacks. Which of the following tools can be used by Eric to achieve his objective?
Answer :
Incapsula
Identify the honeypot (computer security mechanism) that gives an attacker access to the real operating system without any restriction to gather vast information about the attacker.
Answer :
High-interaction honeypot
In which of the following storage architectures is the data stored in a localized system, server, or storage hardware and capable of storing a limited amount of data in its database and locally available for data usage?