Security Plus
Which of the following answers can be used to describe characteristics of a cross-site scripting attack? - Exploits the trust a user's web browser has in a website - A malicious script is injected into a trusted website - User's browser executes attacker's script - Exploits the trust a website has in the user's web browser - A user is tricked by an attacker into submitting unauthorized web requests
- Exploits the trust a user's web browser has in a website - A malicious script is injected into a trusted website -User's browser executes attacker's script
URL Potential Indicator of a directory traversal attack
/../etc/password
Botnet
A collection of intermediary compromised systems that can be used as a platform for a DDoS attack
DLL
A collection of precompiled functions designed to be used by more than one Microsoft Windows application simultaneously to save system resources
Rootkit
A collection of software tools used by a hacker to mask intrusion and obtain administrator-level access to a computer or computer network
Race Condition
A malfunction in preprogrammed sequential access to a shared resouce
Bot
A malware-infected network host under remote control of a hacker
Media Access Control (MAC) Flooding
A network attack that compromises the security of a network switch by overflowing its memory used to store the MAC address table
Integer Overflow
A programming error where an application tries to store a numeric value in a variable that is too small to hold it
Evil Twin
A rogue Wireless Access Point (WAP) set up for eavesdropping or stealing sensitive user data. They replace the legitimate access point by advertising its own presence with the same Service Set Identifier (SSID) and appears as a legitimate access point to a connecting host
Spraying Attack
A short list of commonly used passwords tried against large number of user accounts
Memory Leak
A situation in which an application fails to properly release memory allocated to it or continually requests more memory than required
Shoulder Surfing
A situation in which an unauthorized person can view another user's display or keyboard to learn their password or other confidential information
Phishing
A social engineering technique whereby attackers under disguise of a legitimate request attempt to gain access to confidential information
Worm
A standalone malicious computer program that typically propagates itself over a computer network to adversely affect system resources and network bandwidth.
PUP
A type of computer program not explicitly classified as malware by AV software, that may adversely affect the computer's security and performance, compromise the user's privacy, or display unsolicited ads, and is downloaded with the user's consent.
Trojan Horse
A type of software that performs unwanted and harmful actions in disguise of a legitimate and useful program This type of malware may act like a legitimate program and have all the expected functionalities, but apart from that it will also contain a portion of malicious code that the user is unaware of.
Session ID
A unique identifier assigned by the website to a specific user, A piece of data that can be stored in a cookie, or embedded as an URL parameter, and stored in a visitor's browser
Which of the following enables the exchange of information between computer programs? - API - UI - Device Drivers - SDK
API
An attacker managed to associate their MAC address with the IP address of the default gateway. In result, a targeted host is sending network traffic to the attacker's IP address instead of the IP address of the default gateway. What kind of attack is currently taking place? - ARP Poisoning - Replay Attack - Cross-Site Requested Forgery - DNS Poisoning
ARP Poisoning
ML
An AI feature that enables it to accomplish tasks based on training data without explicit human instructions
Buffer Overflow
An application writes to an area of memory it is not supposed to have access to
Brute-Force Attack
An attack against encrypted data that relies heavily on computing power to check all possible keys and passwords until the correct one is found
Network Replay Attack
An attacker intercepts sensitive user data and resends it to the receiver with the intent of gaining unauthorized access or tricking the receiver into unauthorized requests
Null-Pointer Dereference
An attempt to read a variable value from and invalid memory address
SSRF
An exploit that allows an attacker to take control over a server and use it as a proxy for unauthorized actions
Which of the following statements can be used to describe the characteristics of an on-path attack? - An on-path attack is also known as MITM attack - In an on-path attack, attackers place themselves on the communication route between two devices - In an on-path attack, attackers intercept or modify packets sent between two communicating devices - In an on-path attack, attackers do not have access to packets exchanged during the communication between two devices - In an on-path attack, attackers generate forged packets and inject them in the network
An on-path attack is also known as MITM attack, In an on-path attack, attackers place themselves on the communication route between two devices, In an on-path attack, attackers intercept or modify packets sent between two communicating devices
Which cryptographic attack relies on the concepts of probability theory? - KPA - brute-force - dictionary - birthday
Birthday
What is the function of a C2 server?
Botnet Control
While conducting a web research that would help in making a better purchasing decision, a user visits series of Facebook pages and blogs containing fake reviews and testimonials in favor of a paid app intentionally infected with malware. Which social engineering principle applies to this attack scenario?
Consensus
Downgrade Attack
Cryptographic attack that forces a network protocol to revert to its older less secure version
Which of the following describes an application attack that relies on executing a library of code? - Memory Leak - DLL Injection - Pointer Dereference - Buffer Overflow
DLL Injection
NFC is vulnerable to?
Data Interception, Replay Attacks, Denial-of-Service
Plaintext
Data in an unencrypted form
A wireless disassociation attack is a type of? - Cryptographic Attack - Downgrade Attack - Deauthentication Attack - Brute-Force Attack - Denail-of-Service Attack
Deauthentication & Denail-of-Service Attack
A wireless jamming attack is a type of? - Cryptographic Attack - Denial-of-Service Attack - Brute-Force Attack - Downgrade Attack
Denial-of-Service Attack
Dot-Dot-Slash Attack is also referred to as:
Directory Traversal Attack
SSL Stripping is an example of? - Brute-Force Attack - Downgrade Attack - Watering Hole Attack - On-Path Attack - Denial-of-Service Attack
Downgrade Attack & On-Path Attack
RFID
Enables identification and tracking of tags attached to objects
Buffer Overflow
Exploit that relies on overwriting contents of memory to cause unpredictable results in an application
Cross-Site Forgery Attack
Exploits the trust a website has in the user's web browser, a user is tricked by an attacked into submitting unauthorized web requests, a website executes an attacker's request
What type of malware resides only in RAM?
Fileless Virus
Bluesnarfing
Gaining unauthorized access to a bluetooth device
Tailgating
Gaining unauthorized access to restricted areas by following another person
Malware
Harmful programs used to disrupt computer operation, gather sensitive information, or gain unauthorized access to computer systems
Which of the following refers to the contents of a rainbow table entry? - hash/password - ip address/domain name - username/password - account name/hash
Hash/Password
RFID Badge
Identification badge that can be held within a certain distance of a reader device to authenticate its holder
Which social engineering attack relies on identity theft?
Impersonation
A situation in which a web form field accepts data other than expected is an example of?
Improper Input Validation
Which of the following answers refers to a countermeasure against code injection? - Fuzzing - Input Validation - Code Signing - Normalization
Input Validation
What are two programming aspects that are critical in securing application development?
Input validation & Error and Exception Handling
Which of the following is an example of spyware? - keylogger - vulnerability scanner - computer worm - packet sniffer
Keylogger
Rainbow Table
Lookup tables used to speed up the process of password guessing
Which of the following falls into the category of Layer 2 attacks? - MAC Cloning - ARP Poisoning - MAC Flooding - DNS Poisoning - MAC Spoofing
MAC Cloning, ARP Poisoning, MAC Flooding, & MAC Spoofing
An attack that relies on altering the burned-in address of a NIC to assume the identity of a different network host is known as? - ARP Poisoning - On-Path Attack - MAC Spoofing - Replay Attack - MAC Cloning
MAC Spoofing & MAC Cloning
Cloning
Making an unauthorized copy of a payment card.
Logic Bomb
Malicious code that is activated by a specific event
Spyware
Malicious software collecting information about users without their knowledge or consent
Dictionary Attack
Password attack that takes advantage of a predefined list of words
Spear Phishing
Phishing scams targeting a specific group of people
Whaling
Phishing scams targeting people holding high positions in an organization or buisness
Which of the following is used in URL phishing? - Prepending - Typosquatting - Pretexting - Domain hijacking
Prepending
Feigned Ignorance
Pretending to be ignorant of a topic in order to exploit the person's tendency to educate
Confidential Bait
Pretending to divulge confidential information in hopes of receiving confidential information in return
Bracketing
Providing a high and low estimate in order to entice a more specific number
Malware that restricts access to a computer system by encrypting files or locking the entire system down until the user performs requested action
Ransomware
Which of the following is an example of cryptomalware? - backdoor - ransomware - keylogger - rootkit
Ransomware
Which of the following terms refer to software/hardware driver manipulation techniques? - Prepending - Fuzz Testing - Refactoring - Shimming - Sideloading
Refactoring & Shimming
What is the purpose of a DoS attack?
Resource Exhaustion
Which of the follow indicates an SQL injection attack attempt? - DELETE FROM itemDB WHERE itemID='1'; - SELECT * FROM users WHERE userName = 'Alice' AND password ='' OR '1' = '1'; - DROP TABLE itemDB; - SELECT * FROM users WHERE email = '[email protected]' AND password = '';
SELECT * FROM users WHERE userName = 'Alice' AND password = '' OR '1' = '1';
Which of the following provide randomization during the encryption process? - Salting - Rainbow Tables - Obfuscation - Initialization Vector (IV) - Shimming
Salting & Initialization Vector (IV)
Deliberate False Statements
Saying something wrong in the hopes that the person will correct the statement with true information
Denial of the Obvious
Saying something wrong in the hopes that the person will correct the statement with true information
An attacker impersonating a software beta tester replies to a victim's post in a forum thread discussing the best options for affordable productivity software. A while later, he/she follows up by sending the victim private message mentioning the discussion thread and offering free access to a closed beta version of a fake office app. Which social engineering principles apply to this attack scenario?
Scarcity, Familiarity, Trust
Bluejacking
Sending unsolicited messages over bluetooth
Which of the following alters the external behavior of an application and at the same time does not introduce nay changes to the applications code? - Shimming - Refactoring - API Call - Sideloading
Shimming
Which of the following answers refer to smishing? - social engineering technique - email communication - spam over internet telephony (SPIT) - text messaging - spam over internet messaging (SPIM)
Social Engineering Technique & Text Messaging. Def: Phishing attacks that involve the use of messages sent using SMS (Short Message Service)
What type of spam relies on text-based communication?
Spam Over Internet Messaging (SPIM)
RFID is vulnerable to?
Spoofing, Eavesdropping, Data Interception, Replay Attacks, Denial-of-Service Attacks
Which password attack bypasses account-lockout policies? - birthday attack - spraying attack - dictionary attack - replay attack
Spraying Attack
Which of the following facilitate(s) privilege escalation attacks? - System/Application Vulnerability - Principle of Least Authority - Social Engineering Techniques - Mandatory Access Control ( MAC ) - System/Application Misconfiguration
System/Application Vulnerability -Social Engineering Techniques -System/Application Misconfiguration
Pass the Hash
Technique that allows an attacker to authenticate to a remote server without extracting cleartext password from a digest
NFC
Technology that is used for contactless payment technology
Refactoring
The practice of modifying an applications code without changing it's external behavior
URL Hijacking ( a.k.a. "Typosquatting" )
The practice of registering misspelled domain name closely resembling other well established and popular domain name in hopes of getting Internet traffic from users who would make errors while typing in the URL in their web browsers
Dumpster Diving
The practice of sifting through trash for discarded documents containing sensitive data. Found documents containing names and surnames of the employees along with the information about positions held in the company and other data can be used to facilitate social engineering attacks. Having the documents shredded or incinerated before disposal makes dumpster diving less effective and mitigates the risk of social engineering attacks
Skimming
Theft of personal data from a payment card
Which of the following terms refers to a vulnerability caused by race conditions? - Mean Time to Failure - Replay Attack - Mean Time between Failures - Time-of-Check to Time-of-Use
Time-to-Check to Time-of-Use
Which of the following answers refer to the characteristic features of pharming? - domain hijacking - traffic redirection - fraudulent website - password attack - credential harvesting
Traffic Redirection, Fraudulent Website & Credential Harvesting
Hash Collision
Two different inputs create the same hash
RAT
Type of Trojan that enables unauthorized remote access to a compromised system
What can be used for: - GPS tracking - capturing keystrokes - sending and receiving commands - delivering and executing malware
USB Cable
Spam
Unsolicited advertising message
An attacker impersonates a company's managing staff member to manipulate a lower rank employee into disclosing confidential data. The attacker informs the victim that the information is essential for a task that needs to be completed within the business hours on the same day and mentions potential financial losses for the company in case the victim refuses to comply. Which social engineering principles apply to this attack scenario?
Urgency, Authority, & Intimidation
Elicitation
Use of casual conversation to extract non-public information from people without giving them the feeling they are being interrogated
Flattery
Using praise to coax a person into providing information
An email message containing a warning related to a non-existent computer security threat, asking a user to delete system files falsely identified as malware, and/or prompting them to share the message with others would be an example of:
Virus Hoax
The practice of using a telephone system to manipulate user into disclosing confidential information
Vishing
Which of the terms listed below refers to a platform used for watering hole attacks? - mail gateways - websites - PBX systems - web browsers
Websites