CSA+ Ch.4
Which one of the CVSS metrics would contain information about the number of times that an attacker must successfully authenticate to execute an attack?
Au
What software component is responsible for enforcing the separation of guest systems in a virtualized infrastructure?
Hypervisor
Which one of the following values for the confidentiality, integrity, or availability CVSS metric would indicate the potential for total compromise of a system?
If any of these measures is marked as C, for Complete, it indicates the potential for a complete compromise of the system.
Tom is reviewing a vulnerability scan report and finds that one of the servers on his network suffers from an internal IP address disclosure vulnerability. What protocol is likely in use on this network that resulted in this vulnerability?
NAT
Betty is selecting a transport encryption protocol for use in a new public website she is creating. Which protocol would be the best choice?
TLS 1.1 (highest level of tls)
Which one of the following protocols should never be used on a public network?
Telnet
Tara recently analyzed the results of a vulnerability scan report and found that a vulnerability reported by the scanner did not exist because the system was actually patched as specified. What type of error occurred?
A false positive error occurs when the vulnerability scanner reports a vulnerability that does not actually exist.
Which one of the following values for the CVSS access complexity metric would indicate that the specified attack is simplest to exploit?
An access complexity of "low" indicates that exploiting the vulnerability does not require any specialized conditions.
In what type of attack does the attacker place more information in a memory location than is allocated for that use?
Buffer overflow
Monica discovers that an attacker posted a message in a web forum that she manages that is attacking users who visit the site. Which one of the following attack types is most likely to have occurred?
In a cross-site scripting (XSS) attack, an attacker embeds scripting commands on a website that will later be executed by an unsuspecting visitor accessing the site. The idea is to trick a user visiting a trusted site into executing malicious code placed there by an untrusted third party.
Which one of the following conditions would not result in a certificate warning during a vulnerability scan of a web server?
Inclusion of a public encryption key; Digital certificates are intended to provide public encryption keys, and this would not cause an error.
Which one of the following terms is not typically used to describe the connection of physical devices to a network?
Intrusion detection systems (IDSs) are a security control used to detect network or host attacks. The Internet of Things (IoT), supervisory control and data acquisition (SCADA) systems, and industrial control systems (ICS) are all associated with connecting physical world objects to a network.
Which one of the following is not a common source of information that may be correlated with vulnerability scan results?
It is unlikely that a database table would contain information relevant to assessing a vulnerability scan report. Logs, SIEM reports, and configuration management systems are much more likely to contain relevant information.
The Dirty COW attack is an example of what type of vulnerability?
Privilege escalation
Alan is reviewing web server logs after an attack and finds many records that contain semicolons and apostrophes in queries from end users. What type of attack should he suspect?
SQL injection
In what type of attack does the attacker seek to gain access to resources assigned to a different virtual machine?
VM escape; vulnerabilities are the most serious issue that can exist in a virtualized environment, particularly when a virtual host runs systems of differing security levels. In an escape attack, the attacker has access to a single virtual host and then manages to leverage that access to intrude on the resources assigned to a different virtual machine.
What is the most recent version of CVSS that is currently available?
Version 3.0 of CVSS is currently available but is not as widely used as the more common CVSS version 2.0.
Kevin recently identified a new security vulnerability and computed its CVSS base score as 6.5. Which risk category would this vulnerability fall into?
Vulnerabilities with a CVSS score higher than 6.0 but less than 10.0 fall into the High risk category.
Which one of the following metrics is not included in the calculation of the CVSS exploitability score?
Vulnerability age
Which one of the following operating systems should be avoided on production networks?
Windows Server 2003