End-of-Course Exam
SCORE: 60%
FAILED
Question 1
Incorrect
Which of the following are the three attributes of human threat? Select the three correct
responses.
Your answer: Opportunity,Vulnerability,Intent
Correct answer: Opportunity,Intent,Capability
Question 2
Correct
Which of the following best describes capability?
Your answer: The resources available to perform an attack.
Question 3
Incorrect
Which of the following best describes opportunity?
Your answer: The resources available to perform an attack.
Correct answer: The conditions needed for adversaries to be confident their attack will be
successful.
Question 4
Correct
Which of the following best describes intent?
Your answer: The motive or goal of the attack.
Question 5
Incorrect
�Which of the following best describes Group 1 - Mainstream Threat Actors? Select all that apply.
Your answer: Motivated by notoriety or attention,Single entity or small group,Star or hierarchy
structured,Motivated by financial, revenge, blackmail
Correct answer: Motivated by notoriety or attention,Single entity or small group
Question 6
Incorrect
Which of the following best describes Group 2 - Organized Threat Actors? Select all that apply.
Your answer: Motivated by notoriety or attention,Single entity or small group,Well organized and
funded,Criminals, activists, or competitors
Correct answer: Star or hierarchy structured,Criminals, activists, or competitors,Motivated by
financial, revenge, blackmail
Question 7
Incorrect
Which of the following best describes Group 3 - Terrorist/Nation State Threat Actors? Select all
that apply.
Your answer: Very sophisticated,Single entity or small group,Well organized and funded,Uses war,
major security/economic impacts
Correct answer: Very sophisticated,Well organized and funded,Uses war, major security/economic
impacts
Question 8
Incorrect
According to the risk curve, the severity of consequences of an attack increase, while the
likelihood of a successful attack decreases.
Your answer: False
Correct answer: True
Question 9
Incorrect
�According to the risk curve, the likelihood of an attack by Group 3 - Terrorist/Nation State Threat
Actors is _____, while the consequences are typically _____.
Your answer: most likely, most severe
Correct answer: least likely, most severe
Question 10
Incorrect
Insiders may not have _____, but they have _____, making them a significant threat.
Your answer: capability, intent and opportunity
Correct answer: intent, capability and opportunity
Question 11
Correct
The most likely ICS attacks originate from an insider or from an external adversary who has
acquired credentials to operate as a trusted insider.
Your answer: True
Question 12
Correct
Motivations for intentional threats may include which of the following? Select all that apply.
Your answer: Curiosity,Financial,Blackmail,Revenge
Question 13
Correct
ICS defenses have evolved more rapidly than those in the corporate IT world.
Your answer: False
Question 14
Correct
Deploying certain security countermeasures into an ICS environment may impact _____.
�Your answer: Productivity
Question 15
Correct
There is evidence that ICS cybersecurity threats are _____.
Your answer: Increasing
Question 16
Correct
Which of the following best describes the attack life cycle?
Your answer: 1. Reconnaissance/targeting 2. Vulnerability assessment 3. Attack/penetration
Question 17
Correct
Which of the following best describes social engineering?
Your answer: Used to get privileged information from an insider on the targeted system or
network
Question 18
Correct
Which of the following best describes Zero Day exploits?
Your answer: Takes advantage of vulnerabilities not well known and for which no countermeasure
has been developed
Question 19
Correct
Which of the following best describes Denial of Service?
Your answer: Makes networks or computer resources unavailable
Question 20
�Correct
Which of the following best describes phishing?
Your answer: Email containing malicious files or links to disreputable websites
