Cyber Quiz Day 49

Question 1

What was the primary propagation mechanism used by WannaCry to spread across networks?

  • Email phishing with attachments

  • Exploitation of SMBv1 vulnerability (EternalBlue)

  • USB drive infections

Question 2

Which factor significantly contributed to WannaCry’s rapid global impact?

  • Mandatory two-factor authentication

  • It demanded payments in conventional currencies

  • Many systems were still unpatched, including older Windows versions

  • Use of advanced rootkits

Question 3

In the Emotet → TrickBot → Ryuk chain, what role does TrickBot play?

  • It launches the initial phishing campaign

  • It performs reconnaissance, credential theft and internal network control

  • It acts as the encryption payload

  • It cleans up traces after infection

Question 4

Which of the following is not typically part of a Business Email Compromise (BEC) vector used in QakBot campaigns?

  • Tailored phishing emails mimicking internal communication

  • Macro-enabled attachments

  • Malicious USB drives left at the organization

  • Spoofed sender domains

Question 5

Which mitigation was especially effective in slowing WannaCry’s spread globally?

  • Requiring users to pay ransom

  • Registering the kill-switch domain

  • Blocking all HTTP traffic

  • Updating firewall firmware only

Question 6

What is double extortion in ransomware attacks like those involving Ryuk or QakBot?

  • Demanding ransom in two cryptocurrencies

  • Demanding payment twice for the same file

  • Encrypting data and threatening to leak exfiltrated data if not paid

  • Using two different exploits for encryption

Question 7

Which method is MOST effective in defending against the Emotet‐to‐Ryuk attack chain?

  • Only endpoint antivirus installation

  • Opening every email attachment in a sandbox automatically

  • Banning all web browsing

  • Disabling macros in Office documents and using MFA for email access

Question 8

After detecting QakBot in the network, which immediate step best limits its lateral movement?

  • Shut down all servers instantly

  • Isolate the infected host(s), rotate credentials, and block lateral protocols (SMB, RDP)

  • Send ransom demands to attacker

  • Disable antivirus across entire network

Question 9

In the context of ransomware attacks, what is the significance of network segmentation?

  • It speeds up encryption of files

  • It prevents attackers from moving laterally across entire infrastructure

  • It disables all external internet access

  • It ensures all data is encrypted redundantly

Question 10

Which of the following is NOT a reliable indicator that a system was compromised in one of these campaigns?

  • Unusual outbound connections to known C2 domains

  • Hash of a file matching a known malware sample

  • Legitimate software update URLs matching Microsoft’s domain

  • Unexpected registry keys created under Run or Scheduled Tasks

There are 10 questions to complete.