212-89 Exam Question 121
Mr.Smith is a lead incident responder of a small financial enterprise, which has a few branches in Australia. Recently, the company suffered a massive attack losing$5MM through an inter-banking system.
After an in-depth investigation, it was found that the incident occurred because 6 months ago the attackers penetrated the network through a minor vulnerability and maintained the access without any user being aware of it. They then tried to delete users' fingerprints and performed a lateral movement to the computer of a person with privileges in the inter-banking system. The attackers finally gained access and performed the fraudulent transactions.
Based on the above scenario, identify the most accurate kind of attack.
After an in-depth investigation, it was found that the incident occurred because 6 months ago the attackers penetrated the network through a minor vulnerability and maintained the access without any user being aware of it. They then tried to delete users' fingerprints and performed a lateral movement to the computer of a person with privileges in the inter-banking system. The attackers finally gained access and performed the fraudulent transactions.
Based on the above scenario, identify the most accurate kind of attack.
212-89 Exam Question 122
Auser downloaded what appears to be genuine software. Unknown to her, when she installed the application, it executed code that provided an unauthorized remote attacker access to her computer. What type of malicious threat displays this characteristic?
212-89 Exam Question 123
Which of the following processes is referred to as an approach to respond to the security incidents that occurred in an organization and enables the response team by ensuring that they know exactly what process to follow in case of security incidents?
212-89 Exam Question 124
Risk management consists of three processes, risk assessment, mitigation and evaluation. Risk assessment determines the extent of the potential threat and the risk associated with an IT system through its SDLC. How many primary steps does NIST's risk assessment methodology involve?
212-89 Exam Question 125
Which of the following may be considered as insider threat(s):