SEC+ Exam C
What is the extention for a Microsoft PowerShell script file?
.ps1
Which extension can be used for cross-platform general-purpose programming language?
.py
Which extension can be used for a scripting language based on the Microsoft's Visual Basic programming language.
.vbs
What is another way to refer to a Directory traversal attack?
A dot-dot-slash attack
What is a characteristic feature of a Spraying attack?
A short list of commonly used passwords tried against large number of user accounts
An insurance company charges an additional $200 monthly premium for natural disaster coverage for your business site. What figure must you compare this against to determine whether to accept this additional coverage?
ALE
Which of the following enables the exchange of information between computer programs?
API
Your company is required to be protect and control the access to data by government regulations. The data cannot be accessible by corporate networks or the Internet. Which of the following is the BEST solution to protect the data?
An air gap
Which term fall into the category of semi-authorized hacking activities?
Blue hat
The confidentiality of the data is being protected.
Bluebourne
Gaining unauthorized access to a Bluetooth device is referred to as:
Bluesnarfing
Which of the following refers to unauthorized data access of a Bluetooth device over a Bluetooth wireless network?
Bluesnarfing
Providing a high and low estimate in order to entice a more specific number is the definiton of:
Bracketing
A type of exploit that relies on overwriting contents of memory to cause unpredictable results in an application is called:
Buffer overflow
New regulations have just been passed into law regarding data breaches and protective measures regaurding PII. Your company's Chief Security Officer (CSO) has calculated that one single breach could cost the company $700,000 at a minimum. Which of the following documents is the CSO most likely going to update?
Business impact analysis
What is a method for requesting a digital certificate?
CSR
When you attempt to use your smartphone to connect to the coffee shop Wi-Fi, you are presented with the web page shown below. What has been configured to require web page authentication prior to your gaining Internet access?
Captive portal
Collecting evidence and preserving the admissibility of the evidence is which of the following forensic technique?
Chain of custody
Which data forensic term encompasses documenting all aspects of evidence to ensure its integrity?
Chain of custody
Team members meet in an informal, classroom setting to discuss their roles during an emergency and their responses to a particular emergency situation. Decision makers help guide participants through dynamic scenarios and lead discussions on these scenarios. Which term best describes this:
Conducting a tabletop exercise
A video game company is working on a patch to its newest game (IT SIM LIFE). The company requires all patches to go through intensive testing prior to distributing them to the online environment. Which of the 8following should the administrator use to test the patching process quickly and often?
Create a virtualized sandbox and utilize snapshots
Your organization security policy requires all personnel to secure personal electronic devices outside of a security area. What did your organization determine to be a risk to its data when creating this policy?
Data exfiltration
A wireless disassociation attack is a type of?
Deauthentication attack
A wireless jamming attack is a type of?
Denial-of-Service (DoS) attack
Which of the following control types is an IDS?
Detective
What should you do to secure a switch from physical access?
Disable unused ports
Which of the following is considered a requirement for data availability?
Disaster recovery planning
Which factor has the biggest impact the reputation of a domain?
Distribution of spam
Which cryptographic approach uses points on a curve to define public and private key pairs?
ECC
What can be done to protect data after a handheld device is lost or stolen?
Execute a remote wipe.
Which of the following answers can be used to describe characteristics of a cross-site request forgery attack?
Exploits the trust a website has in the user's web browser, Website executes attacker's requests, A user is tricked by an attacker into submitting unauthorized web requests
ARP poisoning is designed to spoof the IP address in namespace records whereas DNS poison is designed to spoof physical addresses in the computer's address cache.
False
PKI relies on a pair of symmetric keys in which all users must publish their private key to the system to enable senders to encrypt email messages.
False
The two primary modes of operation for IPSEC is tunnel and transport. Tunnel mode encrypts only the data portion of the packet whereas transport mode encrypts the entire packet for added security.
False
The web developers at your company are testing their latest web site code before going live to ensure that it is robust and secure. During their testing, they provide malformed URLs with additional abnormal parameters as well as an abundance of random data. Which term describes their actions?
Fuzzing
Which of the following frameworks protects PHI?
HIPAA
Which term best describes a person who breaks into a computer network or system for socially motivated purpose?
Hacktivist
Which of the following refers to the contents of a rainbow table?
Hash/Password
Which statement best describe the attributes of an APT?
High level of technical sophistication
Which term describes an intentionally vulnerable computer used to track malicious activity?
Honeypot
You work for an international corporation that conducts a great deal of transborder data exchange between other countries. Which standard framework should your company be compliant with?
ISO 27000 series
Which social engineering attack relies on identity theft?
Impersonation
A situation in which a web form field accepts data other than expected (e.g. server commands) is an example of:
Improper input validation
Users are experiencing sporadic Wi-Fi connectivity, especially when moving farther away from the access point. Which changes should you make?
Increase the power level, Change the channel.
What would the benefit be for encrypting an individual file on a hard drive which already deploys full disk encryption?
Individually encrypted files will remain encrypted when copied to external media
Which of the following answers refers to a countermeasure against code injection?
Input validation
Which of the programming aspects listed below are critical in secure application development process?
Input validation, Error and exception handling
What is it called when a trusted third party is allowed to store an organizations sensitive PKI components?
Key escrow
An attacker changed the physical address of his NIC to assume the identity of a different network host is known as:
MAC cloning
An AI feature that enables it to accomplish tasks based on training data without explicit human instructions is called:
ML
When companies work together under a Memorandum of Understanding what is one of the GREATEST security risks?
MOUs are generally loose agreements and therefore may not have strict guidelines in place to protect sensitive data between the two entities.
What is the most commonly used DDoS attack?
Network-based
Which of the following solutions allow to check whether a digital certificate has been revoked?
OCSP, CIRT
A technique that allows an attacker to authenticate to a remote server without extracting cleartext password from a digest is called:
Pass the hash
The practice of modifying an application's code without changing its external behavior is referred to as:
Refactoring
What type of spam relies on text-based communication?
SPIT
Which of the following alters the external behavior of an application and at the same time does not introduce any changes to the application's code?
Shimming
Which of the following is considered multifactor authentication?
Smartcard/PIN
Which type of VPN configuration can use the Internet connection of a VPN client device to access Internet resources as opposed to the VPN-connected network's Internet connection?
Split tunnel
Complex passwords are considered which type of security control?
Technical
A Linux administrator enables hardware disk encryption for data drives used by a Linux server. The operating system disk is physically located in the Linux server but the data drives exist on a SAN (storage area network). Which of the following statements is true?
The confidentiality of the data is being protected.
Which of the following terms refers to a vulnerability caused by race conditions?
Time-of-check to time-of-use
What risk management strategy may utilize cybersecurity insurance?
Transference
In social engineering, the term "Elicitation" describes the use of casual conversation to extract non-public information from people without giving them the feeling they are being interrogated.
True
Media Access Control (MAC) flooding is a network attack that compromises the security of a network switch by overflowing its memory used to store the MAC address table.
True
The term "Shadow IT" is used to describe software and hardware used within an organization, but outside of the organization's official IT infrastructure.
True
How can users ensure that e-mail messages are not forged?
Verify the digital signatures with the sender's public key.
The practice of using a telephone system to manipulate user into disclosing confidential information is known as:
Vishing
Which of the following test multiple security configurations in the least invasive manner?
Vulnerability scan
Your direct superviser wants you to ensure that there are no exposures to well-known attacks throughout the enterprise. What is the BEST way to do this?
Vulnerability scanning
An attacker has targeted a website that your company employees visit often. What attack type is this?
Watering hole attack
A government contracting company wants to to protect the confidentiality of data on laptops. They want to ensure that in the event a laptop is stolen the data would still be safeguarded. Which of the following would BEST suit their needs?
Whole disk encryption with two-factor authentication
You are responsible for two servers, Batman and Superman. Both Batman and Superman have TPM (Trusted Platform Module) chips that are fully configured to encrypt all server hard disks. The dual power supplies in Batman fail, so you remove the hard disks and place them in Superman. How can you access the contents of these moved hard disks?
You must supply a separate recovery key.
Which of the following fragments of input might indicate an LDAP injection attack attempt?
administrator)(&)) AND search.aspx?name=userName)(zone=*)
A wireless disassociation attack is a type of:U
denial-of-service (DoS) attack