Certified Threat Intelligence Analyst (CTIA) Quiz Questions and Answers

In which of the following attacks does the attacker exploit vulnerabilities in a computer application before the software developer can release a patch for them?

Answer :
  • Zero-day attack

Alice is a disgruntled employee of an organization. She decided to acquire critical information of the organization for some financial benefit. In order to achieve this, she started running a virtual machine on the same physical host as the victim’s virtual machine and took advantage of shared physical resources (processor cache) to steal data (cryptographic key/plain text secrets) from the victim machine. Identify the type of attack Alice is performing in the above scenario.

Answer :
  • Side channel attack

Which of the following terms refers to the personnel that the incident handling and response (IH&R) team must contact to report the incident and obtain the necessary permissions?

Answer :
  • Point of contact

Bonney’s system has been compromised by gruesome malware. What is the primary step that is advisable to Bonney to contain the malware incident from spreading?

Answer :
  • Turn off the infected machine

Which of the following techniques prevent or mislead the incident-handling process and may also affect the collection, preservation, and identification phases of the forensic investigation process?

Answer :
  • Anti-forensics

Bonney’s system has been compromised by gruesome malware. What is the primary step that is advisable to Bonney in order to contain the malware incident from spreading?

Answer :
  • Turn off the infected machine

Alison, an analyst in an XYZ organization, wants to retrieve information about a company’s website from the time of its inception as well as the removed information from the target website. What should Alison do to get the information he needs?

Answer :
  • Alison should use https://archieve.org to extract the required website information.

Eric works as an incident handler in Erinol software systems. He was assigned a task to protect the organization from any kind of DoS/DDoS attacks. Which of the following tools can be used by Eric to achieve his objective?

Answer :
  • Incapsula

Identify the honeypot (computer security mechanism) that gives an attacker access to the real operating system without any restriction to gather vast information about the attacker.

Answer :
  • High-interaction honeypot

In which of the following storage architectures is the data stored in a localized system, server, or storage hardware that is capable of storing a limited amount of data in its database and is locally available for data usage?

Answer :
  • Centralized storage