Stephen, an attacker, targeted the industrial control systems of an organization. He generated a fraudulent email with a malicious attachment and sent it to employees of the target organization. An employee who manages the sales software of the operational plant opened the fraudulent email and clicked on the malicious attachment. This resulted in the malicious attachment being downloaded and malware being injected into the sales software maintained in the victim's system. Further, the malware propagated itself to other networked systems, finally damaging the industrial automation components. What is the attack technique used by Stephen to damage the industrial systems?

1. A. Spear-phishing attack
2. B. SMishing attack
3. C. Reconnaissance attack
4. D. HMI-based attack

Correct Answer: A

Kevin, a professional hacker, wants to penetrate CyberTech Inc.’s network. He employed a technique, using which he encoded packets with Unicode characters. The company’s IDS cannot recognize the packet, but the target web server can decode them.
What is the technique used by Kevin to evade the IDS system?

1. A. Desynchronization
2. B. Obfuscating
3. C. Session splicing
4. D. Urgency flag

Correct Answer: B
Adversaries could decide to build an possible or file difficult to find or analyze by encrypting, encoding, or otherwise obfuscating its contents on the system or in transit. this is often common behavior which will be used across totally different platforms and therefore the network to evade defenses.
Payloads may be compressed, archived, or encrypted so as to avoid detection. These payloads may be used throughout Initial Access or later to mitigate detection. typically a user’s action could also be needed to open and Deobfuscate/Decode Files or info for User Execution. The user can also be needed to input a parole to open a parole protected compressed/encrypted file that was provided by the mortal. Adversaries can also used compressed or archived scripts, like JavaScript.
Portions of files can even be encoded to cover the plain-text strings that will otherwise facilitate defenders with discovery. Payloads can also be split into separate, ostensibly benign files that solely reveal malicious practicality once reassembled.
Adversaries can also modify commands dead from payloads or directly via a Command and Scripting Interpreter. surroundings variables, aliases, characters, and different platform/language specific linguistics may be wont to evade signature based mostly detections and application management mechanisms.

On performing a risk assessment, you need to determine the potential impacts when some of the critical business processes of the company interrupt its service.
What is the name of the process by which you can determine those critical businesses?

1. A. Emergency Plan Response (EPR)
2. B. Business Impact Analysis (BIA)
3. C. Risk Mitigation
4. D. Disaster Recovery Planning (DRP)

Correct Answer: B

What did the following commands determine?

1. A. That the Joe account has a SID of 500
2. B. These commands demonstrate that the guest account has NOT been disabled
3. C. These commands demonstrate that the guest account has been disabled
4. D. That the true administrator is Joe
5. E. Issued alone, these commands prove nothing

Correct Answer: D

Which among the following is the best example of the hacking concept called "clearing tracks"?

1. A. After a system is breached, a hacker creates a backdoor to allow re-entry into a system.
2. B. During a cyberattack, a hacker injects a rootkit into a server.
3. C. An attacker gains access to a server through an exploitable vulnerability.
4. D. During a cyberattack, a hacker corrupts the event logs on all machines.

Correct Answer: D