CompTIA Module 8 Review

Tomaso is explaining to a colleague the different types DNS attacks. Which DNS attack would only impact a single user? A) DNS hijack attack B) DNS poisoning attack C) DNS overflow attack D) DNS resource attack

DNS poisoning attack

What is the difference between a DoS and a DDoS attack? A) DoS attacks are faster than DDoS attacks B) DoS attacks use fewer computers than DDoS attacks C) DoS attacks do not use DNS servers as DDoS attacks do D) DoS attacks use more memory than DDoS attacks

DoS attacks use fewer computers than DDoS attacks

What can be used to secure electronic devices from electromagnetic spying and shield them from EMI? A) Demilitarized Zone B) PDS C) Faraday Cage D) Mantrap

Faraday Cage

Calix was asked to protect a system from a potential attack on DNS. What are the locations he would need to protect? A) Web server buffer and host DNS server B) Reply referrer and domain buffer C) Web browser and browser add-on D) Host table and external DNS server

Host table and external DNS server

Which of the following is NOT a reason that threat actors use PowerShell for attacks? A) It cannot be detected by antimalware B) It leaves behind no evidence on a hard drive C) It can be invoked prior to system boot D) Most applications flag it as a trusted application

It can be invoked prior to system boot

Which of the following is NOT true about VBA? A) It is commonly used to create macros B) It is built into most Microsoft Office applications C) It is included in select non-Microsoft products D) It is being phased out and replaced by PowerShell

It is being phased out and replaced by PowerShell

Deacon has observed that the switch is broadcasting all packets to all devices. He suspects it is the result of an attack that has overflowed the switch MAC address table. Which type of attack is this? A) MAC spoofing attack B) MAC cloning attack C) MAC flooding attack D) MAC overflow attack

MAC flooding attack

In which type of attack is the threat actor positioned between two parties and alters the transmission to eavesdrop or impersonate on of the parties? A) MITB B) MAC Cloning C) MITM D) Session replay

MITM

Which attack intercepts communications between a web browser and the underlying OS? A) Interception B) Man-in-the-browser (MITB) C) DIG D) ARP Poisoning

Man-in-the-browser (MITB)

Which of the following can be used to detect if a Trojan has infected a system? a) Telnet b) Netstat c) Fortify d) Acunetix

Netstat

Theo uses the Python programming language and does not want his code to contain vulnerabilities. Which of the following best practices would Theo NOT use? A) Only use compiled and not interpreted Python code B) Use the latest version of Python C) Use caution when formatting strings D) Download only vetted libraries

Only use compiled and not interpreted Python code

Which of the following is an open source toolkit used to implement the SSLv3 and TLS v1 protocols? a) OpenSSL b) Nessus c) Stunnel d) OWASP

OpenSSL

Proteus has been asked to secure endpoints that can be programmed and have an IP address so that they cannot be used in a DDoS attack. What is the name for this source of DDoS attack? A) Network B) Application C) IoT D) Operational Technology

Operational Technology

Which of the following is used to target SSL-enabled sessions and non-SSL-enabled links to sniff their contents? a) Stunnel b) OpenSSL c) SSL Strip d) Nessus

SSL Strip

What is the result of an ARP poisoning attack? A) The ARP cache is compromised B) Users cannot reach a DNS server C) MAC addresses are altered D) An internal DNS must be used instead of an external DNS

The ARP cache is compromised

What is Bash? A) The command-language interpreter for Linux/UNIX OSs B) The open source scripting language that contains many vulnerabilities C) A substitute for SSH D) The underlying platform on which macOS is built

The command-language interpreter for Linux/UNIX OSs

Which of the following is NOT a Microsoft defense against macros? A) Protected view B) Trusted documents C) Trusted domain D) Trusted location

Trusted domain

Which of the following is an event driven Microsoft programming language that allows developers and users to automate processes that normally would take multiple steps? A) PowerShell B) VBA C) Macros D) Python

VBA

What does VBA stand for? A) Visual Basic Architecture B) Visual Basic for Applications C) Virtual Basic Assembly D) Variable Base Analysis

Visual Basic for Applications

Which of the following is a GUI tool that is used to capture and analyze packets? A) TCPDump B) PowerShell C) TCPREplay D) Wireshark

Wireshark

Which utility sends custom TCP/IP packets? A) curl B) hping C) shape D) pingpacket

hping

Which of the following command is used to detect OS on a target? a) nmap -os b) nmap -iL /tmp/scanlist.txt --exclude /tmp/exclude.txt c) nmap -iLex /tmp/scanlist.txt --excludefile /tmp/exclude.txt d) nmap -o

nmap -o

Gregory wants to look at the details about the patch a packet takes from his Linux computer to another device. Which Linux command-line utility will he use? A) tracepacket B) trace C) tracert D) traceroute

traceroute

Which of the following is NOT a type of networking-based attacks? A) DNS attack B) DDoS Attack C) Malicious coding D) Reconnaissance attack

Reconnaissance attack

Which of the following reconnaissance and discover tools will provide detailed information about current network connections and TCP network connections? A) netstat B) curl C) dig D) tracert

netstat

Which of the following nmap command is used for file-exclusion? a) nmap -os b) nmap -o c) nmap -iL /tmp/scanlist.txt --excludefile /tmp/exclude.txt d) nmap -iLex /tmp/scanlist.txt --excludefile /tmp/exclude.txt

nmap -iL /tmp/scanlist.txt --excludefile /tmp/exclude.txt