CPTIA無料問題集「CREST Practitioner Threat Intelligence Analyst」

質問 1

Andrews and Sons Corp. has decided to share threat information among sharing partners. Garry, a threat analyst, working in Andrews and Sons Corp., has asked to follow a trust model necessary to establish trust between sharing partners. In the trust model used by him, the first organization makes use of a body of evidence in a second organization, and the level of trust between two organizations depends on the degree and quality of evidence provided by the first organization.
Which of the following types of trust model is used by Garry to establish the trust?

（A）Validated trust

（B）Mandated trust

（C）Direct historical trust

（D）Mediated trust

正解：A 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 2

Karry, a threat analyst at an XYZ organization, is performing threat intelligence analysis. During the data collection phase, he used a data collection method that involves no participants and is purely based on analysis and observation of activities and processes going on within the local boundaries of the organization.
Identify the type data collection method used by the Karry.

（A）Raw data collection

（B）Passive data collection

（C）Active data collection

（D）Exploited data collection

正解：B 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 3

Alexis is working as an incident responder in XYZ organization. She was asked to identify and attribute the actors behind an attack that took place recently. In order to do so, she is performing threat attribution that deals with the identification of the specific person, society, or a country sponsoring a well-planned and executed intrusion or attack over its target. Which of the following types of threat attributions Alexis performed?

（A）Nation-state attribution

（B）True attribution

（C）Campaign attributio

（D）Intrusion-set attribution

正解：B 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 4

Which of the following is an attack that attempts to prevent the use of systems, networks, or applications by the intended users?

（A）Unauthorized access

（B）Denial of service (DoS) attack

（C）Malicious code or insider threat attack

（D）Fraud and theft

正解：B 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 5

Tim is working as an analyst in an ABC organization. His organization had been facing many challenges in converting the raw threat intelligence data into meaningful contextual information. After inspection, he found that it was due to noise obtained from misrepresentation of data from huge data collections. Hence, it is important to clean the data before performing data analysis using techniques such as data reduction. He needs to choose an appropriate threat intelligence framework that automatically performs data collection, filtering, and analysis for his organization.
Which of the following threat intelligence frameworks should he choose to perform such task?

（A）HighCharts

（B）Threat grid

（C）TC complete

（D）SIGVERIF

正解：B 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 6

In which of the following phases of incident handling and response (IH&R) process the identified security incidents are analyzed, validated, categorized, and prioritized?

（A）Incident recording and assignment

（B）Notification

（C）Containment

（D）Incident triage

正解：D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 7

During the vulnerability assessment phase, the incident responders perform various steps as below:
1. Run vulnerability scans using tools
2. Identify and prioritize vulnerabilities
3. Examine and evaluate physical security
4. Perform OSINT information gathering to validate the vulnerabilities
5. Apply business and technology context to scanner results
6. Check for misconfigurations and human errors
7. Create a vulnerability scan report
Identify the correct sequence of vulnerability assessment steps performed by the incident responders.

（A）1-->3-->2-->4-->5-->6-->7

（B）4-->1-->2-->3-->6-->5-->7

（C）2-->1-->4-->7-->5-->6-->3

（D）3-->6-->1-->2-->5-->4-->7

正解：B 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 8

Steve works as an analyst in a UK-based firm. He was asked to perform network monitoring to find any evidence of compromise. During the network monitoring, he came to know that there are multiple logins from different locations in a short time span. Moreover, he also observed certain irregular log in patterns from locations where the organization does not have business relations. This resembles that somebody is trying to steal confidential information.
Which of the following key indicators of compromise does this scenario present?

（A）Unexpected patching of systems

（B）Geographical anomalies

（C）Unusual activity through privileged user account

（D）Unusual outbound network traffic

正解：B 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 9

Alice, an analyst, shared information with security operation managers and network operations center (NOC) staff for protecting the organizational resources against various threats. Information shared by Alice was highly technical and include threat actor TTPs, malware campaigns, tools used by threat actors, and so on.
Which of the following types of threat intelligence was shared by Alice?

（A）Technical threat intelligence

（B）Tactical threat intelligence

（C）Operational threat intelligence

（D）Strategic threat intelligence

正解：B 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 10

If a hacker cannot find any other way to attack an organization, they can influence an employee or a disgruntled staff member. What type of threat is this?

（A）Insider attack

（B）Phishing attack

（C）Identity theft

（D）Footprinting

正解：A 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

CPTIA 無料問題集「CREST Practitioner Threat Intelligence Analyst」

弊社を連絡する

関連リンク

トップ試験