CompTIA ITF+ Module 5.1
An attacker has used a rogue access point to intercept traffic passing between wireless clients and the wired network segment. What type of attack is this?
This is typical of a Man-in-the-Middle (MitM) attack.
Why should a security policy instruct users not to reveal their password to technical support staff?
It exposes users to social engineering attacks to gather login credentials for malicious use. Any request for a password should be treated by users as suspicious.
In considering availability concerns, what use might a lockable faceplate on a server-class computer be?
It may prevent the user switching the machine on or off (useful for servers) or accessing removable drives and ports.
What does AAA stand for?
Authentication, Authorization, Accounting.
How might someone masquerade as someone else when using email or Instant Messaging?
By accessing their user account—this could be done by stealing their login information, using an unattended computer that was still logged in, or using malware such as a Trojan.
Which property of secure information is compromised by snooping?
Confidentiality—keeping information disclosure restricted to authorized persons only.
What are the three main areas where redundancy should be provisioned?
Data/storage (RAID), network links, and power. You might additionally mention site-level redundancy, though this is very expensive to provision.
Which specific attack uses a botnet to threaten availability?
Distributed Denial of Service (DDoS).
Why is prioritization a critical task for disaster recovery?
Services may have dependencies that make restoring them in the wrong order futile. Also, disasters lead to scarce resources so the most critical services must be given priority. These should be identified before the disaster occurs so that staff working to recover systems are properly guided.
What type of access mechanism is MOST vulnerable to a replay attack?
Use of a token generated by software. If the token is not authenticated properly by the server, it could be vulnerable to replay, where someone else obtaining the token can masquerade as the original user.
