Question 1: Health information, Credit Card Numbers, Social Security Numbers and Intellectual

Property (IP) are examples for

 Administrative Account
 User Account
 Sensitive data that the organization should protect
 Public Information

Question 2: In what ways attackers can use the Privileges to install software on a server machine?

 Install Malware
 Uninstall the Antivirus
 Retrieve the domain controller password
 Connect to C2 Server

Question 3: _______ infects the computer by visiting a website that is running malicious code.

 Social Engineering
 Drive-by-Download method
 Spear-Phishing method
 Social Engineering

Question 4: The first step of a targeted attack is ________.

 External Reconnaissance - Attackers collect data that will help them to attack the
organization
 Cyber attackers use a mix method (Spear-Phishing, Drive-by-Download) to breach the
organization
 Lateral movement within the organization to take control of additional machines
 Internal Reconnaissance - Attackers collect data inside the network that will help to get to their
goal.

Question 5: Organizations should remove local admin rights from standard users.

 True
 False

Question 6: ______ are used by applications to access databases and provide access to other
applications.

 User Account
 Local Admin Accounts
 Service Accounts
 Application accounts

Question 7: Monitoring privileged session activity is only recommended for contractors?

  True
 False

Question 8: The "new era" of information technology operations has opened the door to
possibilities for various attack vectors to exploit and compromise business. Which of the following
are examples of the new risks?

 Employees can take their laptops home or use their own devices at work
 Employee may print sensitive data such as credit card numbers
 Enterprises open their networks to partners and contractors to provide access to business-
critical resources
 Many organizations have adopted the cloud infrastructure and social media platforms to
conduct and facilitate business.

Question 9: ______ are typically used by the IT staff to perform maintenance or to set up new
workstations

 User Accounts
 Local Admin Accounts
 Service Accounts
 Application Accounts

Question 10: Organizations should change administrative password frequently

 True
 False

Question 11: _____ is when attackers manipulate people so they give up confidential information
or passwords.

 Social Engineering
 Zero-day- Attacks
 Drive-by-Download method
 Spear-phishing method

Question 12: A successful phishing attack, that caused infiltration of data is an example of _______.

 Unintentional Insiders
 Zero-day Attack
 Malicious Insider
 Exploited Insiders

Question 13: Organizations should analyze user and account behavious to detect anomalous activity

 True
 False
Question 14: ______ may simply take a wrong or careless decision, accidentally delete or modify
critical information or lose a laptop with sensitive information.

 Malicious Insiders
 Unintentional Insiders
 Exploited Insiders
 Attackers

Question 15: Organizations should proactively secure and monitor the ise of high-value accounts.

 True
 False

Question 16: Organizations should wait with patching systems until all zero-days exploits are
known

 True
 False

Question 17: What are the guiding principles of the CyberArk Blueprint for Privileged Access
Management Success?

 Prevent Credential Theft

 Stop Lateral & Vertical Movement
 Limit Privilege Escalation & Abuse
 Protect Against Irreversible Network Takeover Attacks

Question 18: Which of the following answers is a characteristic of a Targeted Attack?

 The attackers try to attack everyone, organizations and individuals in order to get as much money
as possible.
 Most of the attacks are unintentional and are caused by an employee that took a careless decision
 The attack is persistent, and the attackers coordinate activities to stay undetected
 The attackers don't need to spend lots of effort in ensuring that the attack continues after reaching
the end-point

Question 19: What are Blueprint's recommendations based on?

 Decades of Implementation Experience

 Red Team & Incident Response Experience
 PCI-DSS, HIPPA, & SOX
 Stakeholder Interviews & Questionnaires

Question 20: Which account is super user account that an application or service uses to interact
with the operating system?

 Administrative Account
  Any User Account
 Service Account
 Root Account

Question 21: ______ may be tricked by external parties into sharing data or passwords.

 Attackers
 Malicious Insiders
 Exploited Insiders
 Unintentional Insiders

Question 22: Which of the following approaches are good ways to identify Phishing emails?

 Don't Trust the display name

 Hover over the links to see the full URL
 Check for spelling mistakes
 Click on the Attachment

Question 23: ______ includes an email scam that targets individuals within an organization.

 Drive-by-Download method
 Zero-day Attacks
 Social Engineering
 Spear-phishing method

Question 24: What is difference between Malware and Ransomware?

 Ransomware is a type of Malware

 Malware is a type of Ransomware
 The sources of Ransomware is always Phishing emails
 Ransomware needs Privileged Accounts to be successful

Question 25: Which account is a special user account that an application or service uses to interact
with the operating system?

 Administrative Account
 Service Account
 Root Account
 Any User Account

Question 26: Organizations should encourage users to be suspicious of unexpected emails.

 True
 False

Question 27: Which accounts are considered privileged accounts?

  Elevated personal user accounts
 End-point account with controlled access
 Shared privileged accounts
 Application accounts

Question 28: What is typical ration between privilege account and the number of employees in an
organization?

 Less employees than privileged accounts

 More employees than privileged accounts
 1:1. Every employees has a singled privileged accounts

Question 29: ____ will deliberately steal information or cause damage.

 Malicious Insiders
 Attackers
 unintentional Insiders
 Exploited Insiders