CompTIA CySA+ Practice Questions: Threat Intelligence (CS0-003)

Question 1

What is the PRIMARY purpose of the MITRE ATT&CK framework? (Q-628018)

Accepted Answer

To document adversary tactics and techniques

Answer

To list software vulnerabilities

Answer

To automate patch management

Answer

To encrypt network traffic

Question 2

What does TTP stand for in threat intelligence? (Q-628019)

Accepted Answer

Tactics, Techniques, and Procedures

Answer

Time-To-Patch

Answer

Trusted Third Party

Answer

Transport Layer Protection

Question 3

What is the PRIMARY purpose of the Diamond Model of Intrusion Analysis? (Q-628024)

Accepted Answer

To model cyber threats across four core elements

Answer

To classify malware

Answer

To map adversary infrastructure

Answer

To encrypt network traffic

Question 4

What is the PRIMARY purpose of a threat intelligence platform (TIP)? (Q-628042)

Accepted Answer

To aggregate and analyze threat data

Answer

To encrypt all network traffic

Answer

To replace firewalls

Answer

To train employees on phishing

Question 5

What is the PRIMARY purpose of a threat intelligence platform (TIP)? (Q-628070)

Accepted Answer

To aggregate and analyze threat data

Answer

To encrypt all network traffic

Answer

To replace firewalls

Answer

To train employees on phishing

Question 6

What is the PRIMARY purpose of a threat intelligence platform (TIP)? (Q-628080)

Accepted Answer

To aggregate and analyze threat data

Answer

To encrypt all network traffic

Answer

To replace firewalls

Answer

To train employees on phishing

Question 7

Which threat intelligence standard is used for automating the exchange of cyber threat information?

Accepted Answer

STIX/TAXII

Answer

CVSS

Answer

OWASP

Answer

NIST CSF

Question 8

Why should threat intelligence indicators have expiration or review dates?

Accepted Answer

Indicators can become stale and create false positives

Answer

They must never be removed

Answer

They are only used for backups

Answer

They replace incident response

Question 9

Which kind of IOC is easiest for attackers to change and often has the shortest useful lifetime?

Accepted Answer

IP address

Answer

TTP pattern

Answer

Business objective

Answer

Malware behavior family

CompTIA CySA+ Practice Questions: Threat Intelligence

Q1. What is the PRIMARY purpose of the MITRE ATT&CK framework? (Q-628018)

Q2. What does TTP stand for in threat intelligence? (Q-628019)

Q3. What is the PRIMARY purpose of the Diamond Model of Intrusion Analysis? (Q-628024)

Q4. What is the PRIMARY purpose of a threat intelligence platform (TIP)? (Q-628042)

Q5. What is the PRIMARY purpose of a threat intelligence platform (TIP)? (Q-628070)

Q6. What is the PRIMARY purpose of a threat intelligence platform (TIP)? (Q-628080)

Q7. Which threat intelligence standard is used for automating the exchange of cyber threat information?

Q8. Why should threat intelligence indicators have expiration or review dates?

Q9. Which kind of IOC is easiest for attackers to change and often has the shortest useful lifetime?

More CompTIA CySA+ practice topics