CompTIA Security+ Practice Test 13

CompTIA Security+ Exam Practice Test

1 / 20

A fileless malware attack abuses legitimate system tools like PowerShell and Windows Management Instrumentation (WMI) to execute malicious actions. What is the primary reason attackers use this technique?

2 / 20

A company's software vendor unknowingly distributes a compromised update containing malicious code that infects thousands of customer systems. Which type of attack does this describe?

3 / 20

An attacker intercepts an unencrypted key exchange between two parties and injects their own keys, allowing them to decrypt all future communications. Which attack was performed?

4 / 20

A hacker uses publicly available information from a company's social media posts, press releases, and employee LinkedIn profiles to craft a highly convincing phishing email. Which technique is being used?

5 / 20

A company deploys thousands of internet-connected security cameras, but soon discovers that default credentials were never changed, allowing attackers to compromise them. Which security flaw was exploited?

6 / 20

A security analyst suspects that an attacker is using image files to smuggle sensitive data out of the company network without detection. Which technique is the attacker most likely using?

7 / 20

A security team is performing root cause analysis after an attack. Which incident response phase are they in?

8 / 20

An organization encrypts all sensitive data at rest and in transit. Which security principle is being enforced?

9 / 20

Which method is the most effective for proactively identifying threats before they cause damage?

10 / 20

A hacker modifies a web application’s URL query string, injecting malicious JavaScript that executes in users' browsers. Which attack is this?

11 / 20

An attacker sets up a rogue Wi-Fi hotspot named "Company Free WiFi" to intercept and steal employee login credentials. Which attack is this?

12 / 20

Which security control best mitigates the risk of online brute force attacks on user accounts?

13 / 20

A company uses a misconfigured S3 bucket to store confidential customer data. Which security principle is violated?

14 / 20

A cybersecurity analyst detects outgoing HTTPS traffic from multiple company endpoints, all communicating with the same unknown IP address at regular intervals. Which attack technique is this indicative of?

15 / 20

A disgruntled IT administrator installs a time-delayed malicious script that will delete critical files one month after his resignation. What type of attack is this?

16 / 20

An attacker spoofs a DNS response, redirecting users from a legitimate banking site to a malicious phishing website. Which type of attack is this?

17 / 20

A new strain of malware modifies the Master Boot Record (MBR), allowing it to execute before the operating system loads. Which type of malware is this?

18 / 20

An attacker intercepts encrypted messages and attempts to discover the encryption key by sending chosen ciphertexts to the target system and analyzing the decrypted output. Which attack method is being used?

19 / 20

A system administrator suspects a rootkit infection on a critical server. Which method is the most effective way to detect and remove it?

20 / 20

A security analyst discovers that an attacker gained access to a low-privileged user account and then executed a kernel-mode exploit to obtain full administrative control over the system. Which type of attack was used?
