CWL Blue Team Challenge: CCDA 80% OFF Quiz

Complete our Blue Teaming Quiz and score at least 80% to unlock a special offer: Flat 80% OFF on our best-selling certification, Certified Cyber Defense Analyst!

Test your skills and secure your discount today!


Question 1 of 10

Which term describes phishing attacks that target specific individuals or organizations?

A. Whale phishing
B. Cat-fishing
C. Random phishing
D. Spear phishing

Question 2 of 10

Which of the following techniques is commonly used in phishing attacks to disguise the source of an email?

A. Domain spoofing
B. URL shortening
C. Code obfuscation
D. Encryption

Question 3 of 10

Which of the following is a sign that a web application might be under attack?

A. Sudden spike in server traffic and unusual error messages
B. Increased website loading speed
C. Normal user activity
D. Regular software updates

Question 4 of 10

Select all the tools commonly used for identifying and detecting web-targeted attacks.

(Select all that apply)

A. IDS/IPS
B. HIDS
C. WAF
D. SIEM

Question 5 of 10

You receive an alert about a failed login attempt from a user account that is not recognized. What should you do to investigate?

A. Contact the user to confirm their activities
B. Immediately lock the user account
C. Reset the user’s password and monitor for further attempts
D. Review the authentication logs to see if there have been multiple failed attempts or other suspicious activities

Question 6 of 10

An external IP address has been detected making repeated requests to your web application’s API endpoints. How should you investigate this?

A. Block the IP address and continue monitoring
B. Analyze the request patterns and frequency in your web server logs to determine if the behavior is malicious or part of an attack
C. Ignore it if the IP address is not listed in threat intelligence feeds
D. Contact your ISP to report the suspicious activity

Question 7 of 10

You discover an unauthorized application running on a critical server. What should be your next step?

A. Uninstall the application immediately
B. Investigate the application's origin and purpose by checking system logs and file properties
C. Reformat the server to remove the application
D. Inform the user about the unauthorized software

Question 8 of 10

While monitoring, Event ID 4768 appears in your logs. What does this event represent?

A. A successful logon using cached credentials
B. A password reset was performed
C. A Kerberos authentication ticket was requested
D. A security group membership change

Question 9 of 10

Identify a malicious file name associated with the given hash “b10fa150e9f022838347115d39fa672440c740a014913947b79464b68dcc2d55”.

A. evil.exe
B. mwdg.sh
C. Implant.cpp
D. rev.exe

Question 10 of 10

Your SIEM system flags an unusual process creation pattern involving a legitimate application running from an uncommon directory. What type of Indicator does this represent?

A. IoC (Indicator of Compromise)
B. IoA (Indicator of Attack)
C. False Positive
D. System Alert
