Cybersecurity Capstone: Breach Response Case Studies All Quiz Answer
Third-Party Breach Graded Assessment
Question 1) True or False. According to a 2018 Ponemon study, organizations surveyed cited "A third-party misused or shared confidential information..." as their top cyber security concern for the coming year.
- True
- False
Question 2) How effective were the processes for vetting third-parties as reported by the majority (64%) of the companies surveyed?
- Highly effective
- Effective
- Somewhat or not effective
- Not effective at all
Question 3) In the first few months of 2020 data breaches were reported from Instagram, Carson City, Amazon, GE, T-Mobile, radio.com, MSU, and Marriot. While different data were stolen from each organization, which two data elements were stolen from all of them ? (Select 2)
- Corporate financial data
- Confidential corporate strategy data
- Customer financial information
- Personal information
Question 4) True or False. More than 63% of data breaches can be linked to a third-party.
- True
- False
Question 5) According to a 2019 Ponemon study, which is the most common course of action for a consumer who has lost personal data in a breach ?
- Tell others of their experience
- Use social media to complain about their experience
- Comment directly on the company's website
- File a complaint with the FTC or other regulatory body
Ransomware Graded Assessment
Question 1) You get a pop-up message on your screen telling you have been locked out of your computer and that access will remain blocked until you pay a fee to have your access restored. What type of ransomware has attacked your system ?
- Blockware
- Leakware/Doxware
- Locker
- Crypto
Question 2) You get a pop-up message on your screen telling you that embarrassing photos taken of you at a college party many years ago have been downloaded and will be made public unless you pay a fee. What type of ransomware has attacked your system ?
- Leakware/Doxware
- Crypto
- Locker
- Blockware
Question 3) You get an email from your Internet service provider addressed to "Dear Customer" asking you to log in and verify your credentials due to "suspicious activity" detected in your account. This email is most likely trying to exploit which attack vector ?
- Malicious Links
- Remote Desktop Protocol (RDP)
- Software Vulnerabilities
- Phishing
Question 4) A person you meet at a party offers to help you optimize your computer so you arrange for her to log in remotely. The next time you reboot your system, you get a pop-up message telling you all your critical files have been encrypted and you must pay a ransome to get the encryption key. What attack vector was used to exploit your system?
- Remote Desktop Protocol (RDP)
- Software Vulnerabilities
- Phishing
- Malicious Links
Question 5) You fear that the security patches sent out by the vendor of one of your products may introduce changes to what you are used to so you never allow the updates. What attack vector are you setting yourself up for ?
- Malicious Links
- Remote Desktop Protocol (RDP)
- Software Vulnerabilities
- Phishing
Question 6) You log into your bank and see an offer for a 0% interest rate loan. You click on the link to check out the details and suddenly your computer is locked and there is a message demanding payment in order to unlock it. Your bank's website was hacked! What attack vector was being used to install ransomware on your system ?
- Remote Desktop Protocol (RDP)
- Phishing
- Software Vulnerabilities
- Malicious Links
Question 7) True or False. Being vigilant about email you receive, links your follow and websites you visit is an effective way to keep yourself safe from a ransomware attack.
- True
- False
Question 8) Which ransomware used fake Adobe Flash download websites to distribute and install ransomware?
- Jigsaw
- GoldenEye
- WannaCry
- Bad Rabbit
Question 9) True or False. It is feared that in the future our cars, homes and factories may fall victim to ransomware attacks as more and more devices join the Internet of Things.
- True
- False
5 Comments
A person you meet at a party offers to help you optimize your computer so you arrange for her to log in remotely. The next time you reboot your system, you get a pop-up message telling you all your critical files have been encrypted and you must pay a ransome to get the encryption key. What attack vector was used to exploit your system
ReplyDeleteRDP..
Which ransomware used fake Adobe Flash download websites to distribute and install ransomware?
ReplyDeleteBad Rabbit
Ransomware Knowledge Check
ReplyDeleteTotal points 8
1.
Question 1
You get a pop-up message on your screen telling you that critical files on your system have been encrypted and that you must pay a fee to get the encryption key. What type of ransomware has attacked your system?
1 / 1 point
Leakware/Doxware
Crypto ****
Blockware
Locker
2.
Question 2
Your bank sends you an email with your account statement attached. You think this is odd but open it anyway to see what it is. The document is blank so you close it and think no more about it. A few days later you realize that your computer is infected with malware. What attack vector was used to compromise your system?
1 / 1 point
Phishing *****
Remote Desktop Protocol (RDP)
Software Vulnerabilities
Malicious Links
3.
Question 3
You take advantage of an Internet offer for free technical support and a live technician acutally does contact you, log into your computer and help you optimize your system. A few days later you notice some critical business files are missing when a big red message block appears on your screen demanding money if you ever want to see your files again. What attack vector is the malware exploiting?
1 / 1 point
Software Vulnerabilities
Phishing
Remote Desktop Protocol (RDP) ****
Malicious Links
4.
Question 4
If you fail to patch your operating system and that fact allows a bad actor to install ransomware on your system, what was the likely attack vector?
1 / 1 point
Phishing
Malicious Links
Remote Desktop Protocol (RDP)
Software Vulnerabilities *****
5.
Question 5
You read an interesting article online that contains links to related articles so you follow one of them and pretty soon you are a victim of a ransomware attack. What was the likely attack vector used by the bad actors?
1 / 1 point
Phishing
Remote Desktop Protocol (RDP)
Software Vulnerabilities
Malicious Links ******
6.
Question 6
What is the most important thing to have in place that will save you from having to pay a ransom in the event you have fallen victim to a ransomware attack?
1 / 1 point
A full system backup *****
Strong passwords
Fully patched operating system and applications
Anti-virus software
7.
Question 7
Which ransomware spread across 150 countries in 2017 and was responsible for over $4 billion in losses worldwide?
1 / 1 point
GoldenEye
WannaCry *****
Bad Rabbit
Jigsaw
8.
Question 8
True or False. Projections are that ransomware will not be a significant problem in the future as operating systems become more secure and anti-malware applications gain in sophistication.
1 / 1 point
True
False *****
Ransomware Graded Assessment
ReplyDeleteLatest Submission Grade 100%
1.
Question 1
You get a pop-up message on your screen telling you have been locked out of your computer and that access will remain blocked until you pay a fee to have your access restored. What type of ransomware has attacked your system?
1 / 1 point
Crypto
Leakware/Doxware
Blockware
Locker ****
2.
Question 2
You get a pop-up message on your screen telling you that embarrassing photos taken of you at a college party many years ago have been downloaded and will be made public unless you pay a fee. What type of ransomware has attacked your system?
1 / 1 point
Locker
Blockware
Leakware/Doxware ****
Crypto
3.
Question 3
You get an email from your Internet service provider addressed to "Dear Customer" asking you to log in and verify your credentials due to "suspicious activity" detected in your account. This email is most likely trying to exploit which attack vector?
1 / 1 point
Software Vulnerabilities
Malicious Links
Remote Desktop Protocol (RDP)
Phishing *****
4.
Question 4
A person you meet at a party offers to help you optimize your computer so you arrange for her to log in remotely. The next time you reboot your system, you get a pop-up message telling you all your critical files have been encrypted and you must pay a ransome to get the encryption key. What attack vector was used to exploit your system?
1 / 1 point
Remote Desktop Protocol (RDP) *****
Malicious Links
Software Vulnerabilities
Phishing
5.
Question 5
You fear that the security patches sent out by the vendor of one of your products may introduce changes to what you are used to so you never allow the updates. What attack vector are you setting yourself up for?
1 / 1 point
Software Vulnerabilities ******
Malicious Links
Phishing
Remote Desktop Protocol (RDP)
6.
Question 6
You log into your bank and see an offer for a 0% interest rate loan. You click on the link to check out the details and suddenly your computer is locked and there is a message demanding payment in order to unlock it. Your bank's website was hacked! What attack vector was being used to install ransomware on your system?
1 / 1 point
Phishing
Remote Desktop Protocol (RDP)
Software Vulnerabilities
Malicious Links *****
7.
Question 7
True or False. Being vigilant about email you receive, links your follow and websites you visit is an effective way to keep yourself safe from a ransomware attack.
1 / 1 point
True ****
False
8.
Question 8
Which ransomware used fake Adobe Flash download websites to distribute and install ransomware?
1 / 1 point
WannaCry
Jigsaw
Bad Rabbit ****
GoldenEye
9.
Question 9
True or False. It is feared that in the future our cars, homes and factories may fall victim to ransomware attacks as more and more devices join the Internet of Things.
1 / 1 point
True ****
False
1.- A cyber attack originating from which three (3) of the following would be considered a supply-chain attack? (Select 3)
ReplyDeleteAnswer: SubContractors, E-mail providers, web hosting companies
2.- Which three (3) of these were cited as the top 3 sources of third-party breach? (Select 3)
Answer:
Online payment or credit card processing services
JavaScript on websites used for web analytics
Cloud-based storage or hosting providers
3.-Pregunta 3
True or False. While data loss from a third-party breach can be expensive, third-party breaches account for less than 22% of all breaches.
Answer: false
4.- According to a 2019 Ponemon study, what percent of consumers say they will defect from a business if their personal information is compromised in a breach?
Answer: 80%