Administrative Account
User Account
Sensitive data that the organization should protect
Public Information
Question 2: In what ways can attackers use the privileges to install software on a server machine?
Install Malware
Uninstall the Antivirus
Retrieve the domain controller password
Connect to C2 Server
Question 3: _______ infects the computer by visiting a website that is running malicious code.
Social Engineering
Drive-by-Download method
Spear-Phishing method
Social Engineering
External Reconnaissance - Attackers collect data that will help them to attack the organization
Cyber attackers use a mix of methods (Spear-Phishing, Drive-by-Download) to breach the organization
Lateral movement within the organization to take control of additional machines
Internal Reconnaissance - Attackers collect data inside the network that will help them get to their goal.
Question 5: Organizations should remove local admin rights from standard users.
True
False
Question 6: ______ are used by applications to access databases and provide access to other applications.
User Account
Local Admin Accounts
Service Accounts
Application accounts
Question 8: The "new era" of information technology operations has opened the door to possibilities for various attack vectors to exploit and compromise business. Which of the following are examples of the new risks?
Employees can take their laptops home or use their own devices at work
Employees may print sensitive data such as credit card numbers
Enterprises open their networks to partners and contractors to provide access to business-critical resources
Many organizations have adopted the cloud infrastructure and social media platforms to conduct and facilitate business.
Question 9: ______ are typically used by the IT staff to perform maintenance or to set up new workstations
User Accounts
Local Admin Accounts
Service Accounts
Application Accounts
True
False
Question 11: _____ is when attackers manipulate people so they give up confidential information or passwords.
Social Engineering
Zero-day Attacks
Drive-by-Download method
Spear-phishing method
Question 12: A successful phishing attack that caused infiltration of data is an example of _______.
Unintentional Insiders
Zero-day Attack
Malicious Insider
Exploited Insiders
Question 13: Organizations should analyze user and account behavior to detect anomalous activity.
True
False
Question 14: ______ may simply take a wrong or careless decision, accidentally delete or modify critical information or lose a laptop with sensitive information.
Malicious Insiders
Unintentional Insiders
Exploited Insiders
Attackers
Question 15: Organizations should proactively secure and monitor the use of high-value accounts.
True
False
Question 16: Organizations should wait with patching systems until all zero-day exploits are known.
True
False
Question 17: What are the guiding principles of the CyberArk Blueprint for Privileged Access Management Success?
The attackers try to attack everyone, organizations and individuals in order to get as much money as possible.
Most of the attacks are unintentional and are caused by an employee that took a careless decision
The attack is persistent, and the attackers coordinate activities to stay undetected
The attackers don't need to spend lots of effort in ensuring that the attack continues after reaching the end-point
Question 20: Which account is a super user account that an application or service uses to interact with the operating system?
Administrative Account
Any User Account
Service Account
Root Account
Question 21: ______ may be tricked by external parties into sharing data or passwords.
Attackers
Malicious Insiders
Exploited Insiders
Unintentional Insiders
Question 22: Which of the following approaches are good ways to identify Phishing emails?
Question 23: ______ includes an email scam that targets individuals within an organization.
Drive-by-Download method
Zero-day Attacks
Social Engineering
Spear-phishing method
Question 25: Which account is a special user account that an application or service uses to interact with the operating system?
Administrative Account
Service Account
Root Account
Any User Account
True
False
Question 28: What is the typical ratio between privileged accounts and the number of employees in an organization?
Malicious Insiders
Attackers
Unintentional Insiders
Exploited Insiders