Question 1

_______________ occurs when infected devices attempt to contact a threat actor's external command and control (C&C) server.

Accepted Answer

Beaconing

Question 2

What is a sudden, unusual surge in network bandwidth use called?&#10;A) Spike&#10;B) Bolus&#10;C) Peak&#10;D) Apogee

Accepted Answer

A sudden, unusual surge in network bandwidth use is commonly referred to as a "spike."

Question 3

What is a named pipe?

Accepted Answer

A logical connection (like a TCP session) between a client and server that use Server Message Block.

Question 4

Which of the following is not a network symptom of an attack?&#10;A) Stealth transmissions&#10;B) Memory overflows&#10;C) Scan sweeps&#10;D) Unauthorized network devices

Accepted Answer

Memory overflows are typically a symptom of a software or system attack, not specifically a network attack.

Question 5

What is the term for thousands of bot computers that are gathered into a logical computer network?&#10;A) Botstorm&#10;B) Botnique&#10;C) Bot herd&#10;D) Botnet

Accepted Answer

A botnet is a network of computers infected with malware and controlled as a group without the owners' knowledge, often used for malicious activities.

Question 6

Name a tool that can be used to determine if a cyber incident is taxing a processor's resources.

Accepted Answer

The answer of Name a tool that can be used...

Question 7

Attackers have no reliable way to take advantage of a processor with multiple cores.

Accepted Answer

Attackers can exploit vulnerabilities in multi-core processors, such as through side-channel attacks, to gain unauthorized access to data or execute malicious code.

Question 8

What is the act of changing operating system settings or exploiting a software vulnerability to access resources that users normally would be restricted from accessing?

Accepted Answer

The answer of What is the act of changing operating...

Question 9

What kind of attack occurs when a process attempts to store data in RAM beyond the boundaries of a fixed-length storage buffer?&#10;A) Source overflow&#10;B) Integer overflow&#10;C) Buffer overflow&#10;D) Address overflow

Accepted Answer

A buffer overflow occurs when a process writes more data to a buffer than it can hold, potentially overwriting adjacent memory.

Question 10

In the context of cybersecurity, DLP is an abbreviation for which of the following?&#10;A) data log propagation&#10;B) data loss prevention&#10;C) digital loss prevention&#10;D) digital limit processing

Accepted Answer

DLP stands for Data Loss Prevention, which refers to strategies and tools used to prevent sensitive data from being lost, misused, or accessed by unauthorized users.

Deck 9: Reacting to a Cyber Incident: Analyzing Common Symptoms