
26/8/2020 Learning Activity

039.02 - Exam: Kaspersky Threat Intelligence [e] > Threat Data Feeds


5. A few computers of ABC Inc. have become a part of a botnet. Which Threat Data Feeds can help IS officers to detect bots
installed on the workstations and associate them with the botnet?

Malicious hash feeds

Mobile botnet feeds

Botnet C&C

6. You aim to reduce the load on the mail gateway and improve anti-spam protection. How can Threat Data Feeds help you?

You can make the mail gateway block spamming IP addresses listed in the feeds

You can make the mail gateway block any addresses that have rating 75 or more according to IP Reputation feeds

You can make the mail gateway block addresses that pertain to the spam category according to IP Reputation feeds

You can make the mail gateway block addresses that pertain to the spam category and have rating 75 or more according to IP Reputation feeds

7. ABC Inc. suffered losses because of a malicious application installed on employees’ smartphones, which sent SMS messages
to premium rate numbers. Which Threat Data Feeds can help to detect this application?

Malicious hash feeds

Botnet C&C feeds

P-SMS Trojan feeds

Malicious mobile hash feeds

8. Which of the following file categories CANNOT be included in Whitelisting Threat Data Feeds?

Malicious files

Files of undefined status

Clean files

All of the above groups may get in the feeds

Potentially dangerous (Riskware)

9. In which format are Threat Data Feeds supplied?


json

csv

openioc

stix

binary

10. Which Threat Data Feeds can help to check whether some inbound connections are established from a Tor network?
You are investigating an incident related to theft of confidential information from an organization’s web servers. There is a suspicion that
the C&C channel uses Tor.

Data feeds do not provide this information

Tor exit nodes

Botnet C&C

IP reputation

11. Which category do Threat Data Feeds pertain to in the Adaptive Security model?

Respond

Prevent

Detect

Predict

12. How to receive Threat Data Feeds in OpenIoC format?

Add the "?type=openioc" parameter to the Threat Data Feeds URL in "download_feeds.py"

Use the KL Feed Utility

Use the "kl_feed_filter" utility

Threat Data Feeds are supplied in OpenIoC format by default

13. Which security risks do Threat Data Feeds help to mitigate?

Local privilege escalation

A server without antivirus protection

Bring Your Own Device

Lateral movement

Guest notebooks that do not meet the internal security policy


© 2020 AO Kaspersky. All Rights Reserved
