FEDVTE Cyber Dark Arts 38 Questions with Verified Answers
Which of the following alternative operating systems is focused mostly on greater
... [Show More] security in the event of a compromise by preventing propagation? - CORRECT ANSWER Qubes
Which of the following might a malicious actor attempt to exploit in a social engineering attack? - CORRECT ANSWER All of the above
Which of the following alternative operating systems requires some type of virtualization software and more than one system? - CORRECT ANSWER Whonix
The sole purpose of alternative operating systems is for cyber criminals to hide their nefarious activities. - CORRECT ANSWER False
In an advanced persistent threat, once access is gained, which of the following are likely to occur? - CORRECT ANSWER All of the Above
Successfully opposing disinformation efforts spread via social media is difficult because: - CORRECT ANSWER All of the Above
Password cracking tools use wordlist dictionaries containing commonly used passwords in an attempt to gain access using a brute force attack. These wordlists must be downloaded separately from the tool due to the frequency the list is updated. - CORRECT ANSWER False
Only law enforcement and intelligence organizations can legally use anonymous browsers like ToR. - CORRECT ANSWER False
The amount of fake accounts on social media sites like Facebook is: - CORRECT ANSWER Close to equal the number of active users
Qubes achieves greater security by allowing the user to run applications and store files in: - CORRECT ANSWER Isolated containers
Using software and malware components to take control over a device's resources is known as: - CORRECT ANSWER Cryptojacking
Which of the following is the most common and successful method of fraudulently obtaining credentials to gain a foothold in an APT attack? - CORRECT ANSWER Spear Phishing
Because of ProtonMail's "zero access architecture" where the message sender encrypts using the recipient's public key, and the recipient decrypts with their private key, this encrypted messaging service can only be exchanged between ProtonMail users. - CORRECT ANSWER False
The sole purpose of using offshore web-hosting services is to engage in fraudulent activities such as evading local laws and disguising identity. - CORRECT ANSWER False
Which of the following is an example of an anonymous browser? - CORRECT ANSWER ToR Browser
Social media sites have enacted strict policies to prevent the posting or spreading misinformation, with penalties that include deactivating a user's account. - CORRECT ANSWER False
Why would one use the RSMangler command on a password wordlist used for password cracking? - CORRECT ANSWER To manipulate the original word list adding permutations
Whonix comes preloaded with anonymous browsing and email encryption tools. - CORRECT ANSWER True
Tails requires the ability to boot from media on the local device. - CORRECT ANSWER True
The terms white-hat hacker, script kiddie, and hacktivist, are all hacker types and cybercriminals. - CORRECT ANSWER False
Tails is an example of a Live Operating System, which can rely on all of the following EXCEPT: - CORRECT ANSWER A local installation of Windows
Sites on the dark web can't be reached using traditional web browsers because access is blocked via black lists that are constantly updated. - CORRECT ANSWER False
Which of the following best describes a cyber mercenary? - CORRECT ANSWER Hack for hire actors
Which of the following best describes an Advanced Persistent Threat attack? - CORRECT ANSWER Targeting specific assets of an organization with sophisticated malware that operates covertly to avoid detection
Social engineering, specifically Phishing, has become a much less effective attack type due to increased awareness in the cyber community, and advancements in detection tools. - CORRECT ANSWER False
Which of the following is the act of intentionally publishing and forwarding false information in order to shape beliefs and purposely deceive? - CORRECT ANSWER Weaponized disinformation
A legitimate use for anonymous web search engines is to receive unbiased search results. - CORRECT ANSWER True
Which of the following is a reconnaissance tool that can scan a network or domains and collect information and identify vulnerabilities? - CORRECT ANSWER Sn1per
Which of the following could you expect to learn about a wireless router when scanning with a WiFi Stumbler? - CORRECT ANSWER All of the above
Which of the following is an extortion technique used with ransomeware to pressure the user into complying with the actors demands? - CORRECT ANSWER All of the Above
Which of the following is software designed to detect wireless routers, and returns information about the router and network that can be equally useful to administrators and malicious actors? - CORRECT ANSWER WiFi Stumbler
The main purpose of a blockchain is to maintain a fluid public record of transactions, where users have repudiation options with cryptographically authenticated transactions so that they can control anonimity and retract or deny authorship of a transactio - CORRECT ANSWER False
Which of the following is a method malicious users use in an attempt to obtain credentials and gain unauthorized access to a system or service? - CORRECT ANSWER All of the Above
Which of the following is a weakness in a software application that is known to the vendor, but the vendor doesn't have a patch or update available to mitigate the weakness? - CORRECT ANSWER Zero-day vulnerability
Communication exchanges with a Command and Control, or C2 server, to register and receive further instructions is generally going to appear as network traffic using which protocol? - CORRECT ANSWER HTTP
Malicious users leverage E2E encryption services to evade security controls and successfully hide deceptive or illegal data from detection and surveillance. This problem is known as: - CORRECT ANSWER Going Dark
Incognito mode or private browsing hides web activities from which of the following? - CORRECT ANSWER The local system
Which alternative OS would be most likely to assist a researcher who wants to download potentially infected email attachments for testing? - CORRECT ANSWER Qubes [Show Less]