What is the difference between statistical detection and rule-based detection models?
Question 22
What is the difference between a threat and a risk?
Question 23
Which attack method intercepts traffic on a switched network?
Question 24
What does an attacker use to determine which network ports are listening on a potential target device?
Question 25
What is a purpose of a vulnerability management framework?
Question 26
A network engineer discovers that a foreign government hacked one of the defense contractors in their home country and stole intellectual property. What is the threat agent in this situation?
Question 27
What is the practice of giving an employee access to only the resources needed to accomplish their job?
Question 28
Which metric is used to capture the level of access needed to launch a successful attack?
Question 29
What is the difference between an attack vector and an attack surface?
Question 30
Which metric in CVSS indicates an attack that takes a destination bank account number and replaces it with a different bank account number?
