a. What security mistake did Fazio Mechanical Services make?

1a.) The Target attackers probably first broke into Target using the credentials of a(n) ________.

a. Low-level Target employee

b. Target IT employee

c. Target security employee

d. Employee in a firm outside Target

b. Why do you think it did this? (This requires you to speculate.)

c. How might segregation of the network have stopped the breach?

d. Why do you think the Minneapolis security staff did not heed the FireEye warning? (This also requires you to speculate.)

e. What warnings did Target not responded to adequately?

1e.) Target received warnings during the attack. This happened ________.

a. On the vendor server

b. When the POS download server was compromised

c. When the exfiltration server was compromised

d. None of the above

f. What happens in a kill chain if a single action fails anywhere in the chain?

1f.) In a kill chain, ________.

a. Stopping the attack at a single step stops the attack

b. Stopping the attack at multiple steps stops the attack

c. Stopping the attack at all steps stops the attack

d. None of the above

g. How can kill chain analysis allow companies to identify security actions it should take?

h. Explain why security is a process, not a product.

1h.) Security is primarily about ________.

a. Technology

b. Planning

c. Management

d. None of the above