Question 16
Mr.Smith is a lead incident responder of a small financial enterprise, which has a few branches in Australia. Recently, the company suffered a massive attack losing$5MM through an inter-banking system.
After an in-depth investigation, it was found that the incident occurred because 6 months ago the attackers penetrated the network through a minor vulnerability and maintained the access without any user being aware of it. They then tried to delete users' fingerprints and performed a lateral movement to the computer of a person with privileges in the inter-banking system. The attackers finally gained access and performed the fraudulent transactions.
Based on the above scenario, identify the most accurate kind of attack.
Question 17
Dash wants to perform a DoS attack over 256 target URLs simultaneously.
Which of the following tools can Dash employ to achieve his objective?
Question 18
Identify the network security incident where intended authorized users are prevented from using system,
network, or applications by flooding the network with high volume of traffic that consumes all existing network
resources.
Question 19
Otis is an incident handler working in the Delmont organization. Recently, the organization is facing several setbacks in the business and thereby its revenues are going down. Otis was asked to take charge and look into the matter. While auditing the enterprise security, he found the traces of an attack where proprietary information was stolen from the enterprise network and was passed on to their competitors.
Which of the following information security incidents did the Delmont organization face?
Question 20
The insider risk matrix consists of technical literacy and business process knowledge vectors. Considering the
matrix, one can conclude that: