Security+ EC questions

¡Supera tus tareas y exámenes ahora con Quizwiz!

MAC attacks are layer ______ attacks

2

What is a PUP?

A type of computer program not explicitly classified as malware by AV software A type of software that may adversely affect the computer's security and performance, compromise user's privacy, or display unsolicited ads An application downloaded and installed with the user's consent (legal app)

What is smishing?

A type of phishing attack using text messages

the characteristic features of a session ID?

A unique identifier assigned by the website to a specific user A piece of data that can be stored in a cookie, or embedded as an URL Stored in a visitor's browser

enables the exchange of information between computer programs?

API

An attacker managed to associate his/her MAC address with the IP address of the default gateway. In result, a targeted host is sending network traffic to the attacker's IP address instead of the IP address of the default gateway. Based on the given info, which type of attack is taking place in this scenario?

ARP poisoning

A physical security control type that provides isolation from external computer networks?

Air gap

Restoring data from an incremental backup requires: (2 answers)

All copies of incremental backups made since the last full backup Copy of the last full backup

the following statements can be used to describe the characteristics of an on-path attack?

An on-path attack is also known as MITM attack In an on-path attack, attackers place themselves on the communication route between two devices In an on-path attack, attackers intercept or modify packets sent between two communicating devices

Public Key encryption algorithm is also called the

Asymmetric algorithm

any message encrypted with the use of a public key can only be decrypted by applying the same algorithm and a matching private key (and vice versa)

Asymmetric encryption

What are the features of Elliptic Curve Cryptography (ECC)?

Asymmetric encryption Low processing power requirements Suitable for small wireless devices

refers to a US government initiative for real-time sharing of cyber threat indicators?

Automated Indicator Sharing (AIS)

Which of the following refers to an undocumented (and often legitimate) way of gaining access to a program, online service, or an entire computer system?

Backdoor

2 Examples of key stretching algorithms

Bcrypt PBKDF2

Which cryptographic attack relies on the concepts of probability theory?

Birthday

The practice of sending unsolicited messages over Bluetooth is known as:

Bluejacking

Gaining unauthorized access to a Bluetooth device is referred to as:

Bluesnarfing

A malware-infected network host under remote control of a hacker is commonly referred to as:

Bot

What is the function of a C2 server?

Botnet control

An attack against encrypted data that relies heavily on computing power to check all possible keys and passwords until the correct one is found is known as:

Brute-force attack

A situation in which an application writes to an area of memory it is not supposed to have access to is referred to as

Buffer overflow

A type of exploit that relies on overwriting contents of memory to cause unpredictable results in an application is called

Buffer overflow

The practice of making an unauthorized copy of a payment card is referred to as:

Cloning

The two main vulnerability databases:

Common Vulnerability Database (CVE) National Vulnerability Database (NVD)

Individuals will in general do what they accept everybody around them is doing, especially when they are uncertain of what to do in any case. This is an example of which social engineering tactic?

Consensus

refers to the concept of virtualization on an application level?

Containerization

A collection of precompiled functions designed to be used by more than one Microsoft Windows application simultaneously to save system resources is known as

DLL

an application attack that relies on executing a library of code?

DLL injection

acronym refers to software or hardware-based security solutions designed to detect and prevent unauthorized use and transmission of confidential information?

DLP

Remapping a domain name to a rogue IP address is an example of what kind of exploit?

DNS poisoning

___________ is an example of fake telemetry

DNS sinkhole

can be used to prevent access to malicious URLs at an enterprise level

DNS sinkholing

A suite of security extensions for an Internet service that translates domain names into IP addresses is known as:

DNSSEC

What is DLP?

Data Loss Prevention

A type of redundant source code producing an output not used anywhere in the application is commonly referred to as:

Dead code

Which password attack takes advantage of a predefined list of words?

Dictionary attack

A dot-dot-slash attack is also referred to as:

Directory traversal attack

A factor that has the biggest impact on domain reputation?

Distribution of spam

A type of cryptographic attack that forces a network protocol to revert to its older, less secure version is known as:

Downgrade attack

What would you use to add power redundancy on a server box?

Dual-power supply

Which solution would be best suited for situations where response time in data processing is of critical importance?

Edge computing

represents a fusion of cloud and local computing in which the cloud is still retained for carrying and storing data while local internet-connected devices take care of the data processing

Edge computing

An asymmetric encryption key designed to be used only for a single session or transaction is known as:

Ephemeral key

Describe characteristics of a cross-site scripting attack?

Exploits the trust a user's web browser has in a website A malicious script is injected into a trusted website User's browser executes attacker's script

characteristics of a cross-site request forgery attack

Exploits the trust a website has in the user's web browser A user is tricked by an attacker into submitting unauthorized web

Which type of malware resides only in RAM?

Fileless virus

refers to a local network infrastructure between IoT devices and the cloud designed to speed up data transmission and processing

Fog computing

___________ is a mode of operationfor symmetric-key cryptographic block ciphers which is widely adopted for its performance

Galois/Counter Mode (GCM)

allows for mapping large amount of data content to a small string of characters

Hash function

What are the the contents of a rainbow table entry?

Hash/Password

describe the attributes of an APT?

High level of technical sophistication Extensive amount of resources/funding Typically funded by governments/nation states

Which alternate site allows for fastest disaster recovery?

Hot site

term refers to a duplicate of the original site, with fully operational computer systems as well as near-complete backups of user data?

Hot site

A situation in which a web form field accepts data other than expected

Improper input validation

Which of the three states of digital data requires data to be processed in an unencrypted form?

In processing

A type of forensic evidence that can be used to detect unauthorized access attempts or other malicious activities is called

Indication of Compromise (IoC)

a countermeasure against code injection

Input validation

programming aspects that are are critical in secure application development process?

Input validation Error and exception handling

What are the countermeasures against SQL injection attacks? ( 2 answers)

Input validation Stored procedures

a programming error where an application tries to store a numeric value in a variable that is too small to hold it

Integer overflow

Digital signatures provide: (3 answers)

Integrity Authentication Non-reputation

the term _______________ refers to a mechanism for extending the length of a cryptographic key to make it more secure against brute-force attacks

Key stretching

A collection of commonly used programming functions designed to speed up software development process is known as:

Library

removable storage media that contains a portable, non-persistent OS?

Live boot media

A network hardware or software solution designed for managing the optimal distribution of workloads across multiple computing resources is known as:

Load balancer

Malicious code activated by a specific event is called:

Logic bomb

A ________ network diagram describes the actual traffic flow on a network and provides information related to IP addressing schemes, subnets, device roles, or protocols that are in use on the network

Logical

An attack that relies on altering the burned-in address of a NIC to assume the identity of a different network host is known as:

MAC Spoofing MAC Cloning

This extends the email message format beyond simple text, enabling the transfer of graphics, audio, and video files over the Internet mail system

MIME

What would be the best solution for a company that needs IT services but lacks any IT personnel?

MSSP

An AI feature that enables it to accomplish tasks based on training data without explicit human instructions is called:

Machine learning

Another name for sequential-access backup media?

Magnetic tape

Harmful programs used to disrupt computer operation, gather sensitive information, or gain unauthorized access to computer systems are commonly referred to as:

Malware

a device designed to distribute (and monitor the quality of) electric power to multiple outlets?

Managed power distribution unit

What is an MSP?

Managed service provider

A situation in which an application fails to properly release memory allocated to it or continually requests more memory than required is known as:

Memory leak

______________ are an architectural and organizational approach to software development where software is composed of small independent services that communicate over well-defined APIs

Microservices

3 facts about RAID 1:

Minimum 2 drives Disk mirroring No parity

2 facts about RAID 5:

Minimum 3 drives increased performance and fault tolerance

2 facts about RAID 6:

Minimum 4 drives 2 drives can fail

2 facts about RAID 10:

Minimum 4 drives stripe of mirrors

The process of combining multiple physical network adapters into a single logical interface for increased throughput and redundancy is called:

NIC teaming

What is the most common form of a DDoS attack?

Network based

The process of removing redundant entries from a database is known as:

Normalization

describes an attempt to read a variable value from an invalid memory address?

Null-pointer deference

A term referring to threat intelligence gathered from publicly available sources?

OSINT

Which type of DDoS attack targets industrial equipment and infrastructure?

OT

Which cloud service model would provide the best solution for a web developer intending to create a web app?

PaaS

A technique that allows an attacker to authenticate to a remote server without extracting cleartext password from a digest is called

Pass the hash

What is PFS?

Perfect Forward Secrecy

an encryption style known for producing temporary private key exchanges between clients and servers. For every individual session initiated by a user, a unique session key is generated.

Perfect Forward Secrecy

URL redirection is a characteristic feature of

Pharming

URL redirection is a characteristic feature of:

Pharming

social engineering technique whereby attackers under disguise of a legitimate request attempt to gain access to confidential information is commonly referred to as:

Phishing

an internal telephone exchange or switching system implemented in a business or office

Private Branch Exchange (PBX)

_________ teaming combines the vulnerabilities and threats found by the red team and the defense tactics and controls found by the blue team.

Purple

Which type of Trojan enables unauthorized remote access to a compromised system?

RAT

A protocol designed to handle real-time traffic (like audio and video) over the Internet

RTP

A malfunction in a preprogrammed sequential access to a shared resource is described as

Race condition

Malware that restricts access to a computer system by encrypting files or locking the entire system down until the user performs requested action is known as:

Ransomware

The practice of modifying an application's code without changing its external behavior is referred to as:

Refactoring

Two software/hardware driver manipulation techniques?

Refactoring Shimming

A type of formal document that describes the specifications for a particular technology is known as

Request For Comments (RFC)

A collection of software tools used by a hacker to mask intrusion and obtain administrator-level access to a computer or computer network is known as:

Rootkit

What type of spam relies on text-based communication?

SPIM

A protocol that enables secure, real-time delivery of audio and video over an IP network?

SRTP

a non-proprietary cryptographic network protocol for secure data communication, remote command-line login, remote command execution, and other secure network services:

SSH

Pseudo-random data added to a password before hashing is called

Salt

These provide randomization during encryption process?

Salting Initialization vector

A lightly protected subnet (previously known as a DMZ) consisting of publicly available servers placed on the outside of the company's firewall is called:

Screened subnet

A type of encryption scheme where the same key is used to encrypt and decrypt data is referred to as: (3 answers)

Session-key encryption Symmetric encryption Secret-key encryption

alters the external behavior of an application and at the same time does not introduce any changes to the application's code?

Shimming

A device that best illustrates the concept of edge computing?

Smartwatch

A file-based representation of the state of a virtual machine at a given point in time is called:

Snapshot

What type of backups are commonly used with virtual machines?

Snapshot backups

_____________ is the decoupling of the network control logic from the devices performing the function

Software-defined networking (SDN)

Which password attack bypasses account-lockout policies?

Spraying attack

Malicious software collecting information about users without their knowledge/consent is known as:

Spyware

A dedicated local network consisting of devices providing data access is called

Storage area network (SAN)

a network of storage devices that can be accessed by multiple servers or computers, providing a shared pool of storage space

Storage area network (SAN)

What is STIX?

Structured Threat Information eXpression (STIX) is a programming language for representing cyber threat intelligence in a standardized and structured format

Privilege escalation attacka are facilitated by:

System/application vulnerability Social engineering techniques System/application misconfiguration

These describe the behavior of a threat actor?

TTPs. a key concept in cybersecurity and threat intelligence. The purpose is to identify patterns of behavior which can be used to defend against specific strategies and threat vectors used by malicious actors

Refers to a vulnerability caused by race conditions?

Time-of-check to time-of-use

Refers to the process of replacing sensitive data with nonsensitive information which holds a reference to the original data and enables its processing but has no value when breached

Tokenization

characteristic features of pharming?

Traffic redirection Fraudulent websites Credential harvesting

A VPC is accessed via a:

Transit gateway

This type of malware may act like a legitimate program and have all the expected functionalities, but apart from that it will also contain a portion of malicious code that the user is unaware of.

Trojan horse

One of the measures for bypassing the failed logon attempt account lockout policy is to capture any relevant data that might contain the password and brute force it offline. T/F

True

What is TAXII?

Trusted Automated eXchange of Indicator Information (TAXII) is an application layer protocol that enables sharing of actionable threat information across organizations, products, and services.

What is a device used for DLP?

USB data blocker

What are the characteristic features of a session key? ( 2 answers)

Used during a single session Symmetric key

Which of the following enables running macros in Microsoft Office applications?

VBA

mitigates the risk of supply chain attacks?

Vendor/Intermediary checks

What is a VPC?

Virtual Private Cloud

An email message containing a warning related to a non-existent computer security threat, asking a user to delete system files falsely identified as malware, and/or prompting them to share the message with others would be an example of:

Virus hoax

a platform used for watering hole attacks?

Websites

In cybersecurity exercises, the role of an event overseer (i.e. the referee) is delegated to

White team

standalone malicious computer program that typically propagates itself over a computer network to adversely affect system resources and network bandwidth is called:

Worm

What is a managed security service provider (MSSP)?

a business that supplies security services, software, and/or expertise to other organizations

the following fragments of input might indicate an LDAP injection attack attempt?

administrator)(&)) search.aspx?name=userName)(zone=*)

Social engineering principle that refers to the idea that people follow the lead of credible knowledge experts

authority

Ransomware is an example of what kind of malware?

cryptomalware

if a hacker gains access to the MD5 hashes of passwords, they do not necessarily need to find the actual password, but something else which shares that hash. This is an example of:

hash collision

Which term Is used to describe the theft of personal data from a payment card?

skimming

A short list of commonly used passwords tried against large number of user accounts is a characteristic feature of:

spraying attack

A network replay attack occurs when an attacker intercepts sensitive user data and resends it to the receiver with the intent of gaining unauthorized access or tricking the receiver into unauthorized operations T/F

true


Conjuntos de estudio relacionados

OB Final Exam - - - - - - - - - - - -

View Set

CEShop Law of Contracts flashcards: 8/31

View Set

Psychology Chapter 11 Social Psychology

View Set

Mgmt 1 smartbook review for midterm

View Set

Vertical Integration & Outsourcing SMU

View Set