Domain 1 test

Pataasin ang iyong marka sa homework at exams ngayon gamit ang Quizwiz!

You have been hired as part of the team that manages an organization's network defense. Which security team are you working on?

Blue Blue team members are the defense of the system. This team is responsible for stopping the red team's advances. Members of the purple team work on both offense and defense. This team is a combination of the red and blue teams. The red team members are the ethical hackers. This team is responsible for performing the penetration tests. The white team members are the referees of cybersecurity. This team is responsible for managing the engagement between the red and blue teams. This group typically consists of the managers or team leads.

A programmer that fails to check the length of input before processing leaves his code vulnerable to which form of common attack?

Buffer overflow attack

Having poor software development practices and failing to program input validation checks during development of custom software can result in a system vulnerable to which type of attack?

Buffer overflow attack

As the security analyst for your organization, you have noticed an increase in user computers being infected with malware. Which two solutions should you implement and configure to remedy this problem? (Select two.)

Virus scanner Spam filters

For some reason, when you capture packets as part of your monitoring, you aren't seeing much traffic. What could be the reason?

You forgot to turn on promiscuous mode for the network interface.

An organization's receptionist received a phone call from an individual claiming to be a partner in a high-level project and requesting sensitive information. The individual is engaging in which type of social engineering?

authority

Which of the following is the single greatest threat to network security?

employees

What is the storage location called that holds all the development source files that version control systems use?

repository

Which of the following are subject to SQL injection attacks?

Database servers

Every ACME computer comes with the same account created at the factory. Which kind of vulnerability is this?

Default accounts and passwords

You are cleaning your desk at work. You toss several stacks of paper in the trash, including a sticky note with your password written on it. Which of the following types of non-technical password attacks have you enabled?

Dumpster diving

Compliments, misinformation, feigning ignorance, and being a good listener are tactics of which social engineering technique?

Elictitation

Which kind of virus operates only in memory and usually exploits a trusted application like PowerShell to circumvent traditional endpoint security solutions?

Fileless virus

You are the security analyst for your organization. Clients are complaining about being unable to connect to the wireless network. After looking into the issue, you have noticed short bursts of high-intensity RF signals are interfering with your wireless network's signal.

Jamming

Which of the following best describes an evil twin?

Repository

Your company security policy states that wireless networks are not to be used because of the potential security risk they present to your network. One day, you find that an employee has connected a wireless access point to the network in his office. Which type of security risk is this?

Rogue access point

You have installed antivirus software on the computers on your network. You update the definition and engine files and configure the software to update those files every day. What else should you do to protect your systems from malware? (Select two.)

Schedule regular full system scans. Educate users about malware.

The root account has all privileges and no barriers. Which of the following is another name for the root account?

Superuser account

Sam has used malware to access Sally's computer on the network. He has found information that allows him to use the underlying NTLM to escalate his privileges without needing the plaintext password. Which of the following types of attacks did he use?

Pass the hash

Capturing packets as they travel from one host to another with the intent of altering the contents of the packets is a form of which type of attack?

Man-in-the-middle attack


Kaugnay na mga set ng pag-aaral

Econ 3030 Practice Homework Questions

View Set

Module 1—First Aid, CPR, AED Foundations

View Set

Ch 10 Work, Retirement and Leisure Patterns

View Set

psych bluff review and ap classroom

View Set

ปรัชญาการศึกษา

View Set

Final Exam: Oncology NCLEX Questions

View Set

A&P Ch. 12 Central Nervous System

View Set