CompTIA Network+ Exam N10-007: Lesson 08
Which type of password cracking attempt uses information about the individual in order to gain their password?
Guessing
Which of the following network attacks consists of an attacker capturing network packets for a data stream between two other computers?
Man-in-the-middle
Which of the following is best described as a program with hidden code that is designed to be run when a specific condition is met?
Logical Bomb
Which of the following is a good way to identify running services on the destination operating system that is not running a firewall?
Port scanning
Which of the following security policies is used to provide information for end users in regards to the way in which computer equipment is to be used?
Acceptable Use
One way of handling risk which involves utilizing a separate organization for the particular technology in question is known as what?
Avoidance
High availability and disaster recovery are parts of this type of plan that an organization uses to ensure the ongoing availability of its services. Which of the following is the name of this plan?
BCP
Which of the following is the science of encrypting information?
Cryptography
Which of the following is a general security guideline that ensures that users and administrators are only given the necessary permissions to perform their duties?
Least Privilege
Which of the following would not be considered a type of vulnerability on today's network devices and host systems?
Port Filtering
Which of the following would not be considered a method of hardening network devices?
Service Hardening
Someone phones one of the users in your organization claiming to be a member of our tech support team and request sensitive information from them. What kind of attack is this?
Social Engineering
Which of the following network attacks would be considered an attack on the human element of network security?
Social engineering
Which of the following network attacks is used to flood a server with many half-open TCP connections to prevent the server from accepting other connections?
TCP/SYN Flood
How is the term risk actually constructed in risk management processes?
Threat x Vulnerability + Impact
Which of the following malware types is typically hiding inside another program and often will cause identity theft and/or unauthorized remote access to the infected computer?
Trojan