Domain 1 test
You have been hired as part of the team that manages an organization's network defense. Which security team are you working on?
Blue. Blue team members are the defense of the system. This team is responsible for stopping the red team's advances. Members of the purple team work on both offense and defense. This team is a combination of the red and blue teams. The red team members are the ethical hackers. This team is responsible for performing the penetration tests. The white team members are the referees of cybersecurity. This team is responsible for managing the engagement between the red and blue teams. This group typically consists of the managers or team leads.
A programmer that fails to check the length of input before processing leaves his code vulnerable to which form of common attack?
Buffer overflow attack
Having poor software development practices and failing to program input validation checks during development of custom software can result in a system vulnerable to which type of attack?
Buffer overflow attack
As the security analyst for your organization, you have noticed an increase in user computers being infected with malware. Which two solutions should you implement and configure to remedy this problem? (Select two.)
Virus scanner; Spam filters
For some reason, when you capture packets as part of your monitoring, you aren't seeing much traffic. What could be the reason?
You forgot to turn on promiscuous mode for the network interface.
An organization's receptionist received a phone call from an individual claiming to be a partner in a high-level project and requesting sensitive information. The individual is engaging in which type of social engineering?
authority
Which of the following is the single greatest threat to network security?
employees
What is the storage location called that holds all the development source files that version control systems use?
repository
Which of the following are subject to SQL injection attacks?
Database servers
Every ACME computer comes with the same account created at the factory. Which kind of vulnerability is this?
Default accounts and passwords
You are cleaning your desk at work. You toss several stacks of paper in the trash, including a sticky note with your password written on it. Which of the following types of non-technical password attacks have you enabled?
Dumpster diving
Compliments, misinformation, feigning ignorance, and being a good listener are tactics of which social engineering technique?
Elicitation
Which kind of virus operates only in memory and usually exploits a trusted application like PowerShell to circumvent traditional endpoint security solutions?
Fileless virus
You are the security analyst for your organization. Clients are complaining about being unable to connect to the wireless network. After looking into the issue, you have noticed short bursts of high-intensity RF signals are interfering with your wireless network's signal.
Jamming
Which of the following best describes an evil twin?
Repository
Your company security policy states that wireless networks are not to be used because of the potential security risk they present to your network. One day, you find that an employee has connected a wireless access point to the network in his office. Which type of security risk is this?
Rogue access point
You have installed antivirus software on the computers on your network. You update the definition and engine files and configure the software to update those files every day. What else should you do to protect your systems from malware? (Select two.)
Schedule regular full system scans. Educate users about malware.
The root account has all privileges and no barriers. Which of the following is another name for the root account?
Superuser account
Sam has used malware to access Sally's computer on the network. He has found information that allows him to use the underlying NTLM to escalate his privileges without needing the plaintext password. Which of the following types of attacks did he use?
Pass the hash
Capturing packets as they travel from one host to another with the intent of altering the contents of the packets is a form of which type of attack?
Man-in-the-middle attack