CompTIA Security+


An attacker can exploit a weakness in a password protocol to calculate the hash of a password. Which of the following can the attacker match the hash to, as a means to obtain the password? (Select two)

* A dictionary word
* A rainbow table

Which of the following can perform a Denial of Service (DoS) attack against a wireless network? (Select two)

* A disassociation attack
* A deauthentication attack

A security engineer implemented once-only tokens and timestamping sessions. What type of attacks can this type of security prevent? (Select two)

* A pass-the-hash attack
* A replay attack

A social engineer used vishing and polite behavior to persuade a target to visit a fake website with fake reviews. The attacker then persuaded the victim to enter personally identifiable information (PII) in a web form. Which of the following did the attacker use to make the site appear more legitimate? (Select two)

* Consensus/social proof
* Familiarity/liking

Which of the following social engineering techniques has less of a chance of arousing suspicion and getting caught? (Select two)

* Familiarity
* Liking

An attacker used an illegal access point (AP) with a very strong signal near a wireless network. If the attacker performed a jamming attack, which of the following would prevent this type of network disruption? (Select two)

* Locate the offending radio source and disable it.
* Boost the signal of the legitimate equipment.

Mutual authentication prevents a client from inadvertently submitting confidential information to a non-secure server. Mutual authentication also helps avoid which of the following? (Select two)

* Man-in-the-Middle attacks
* Session hijacking attacks

Which of the following is an example of why viruses are destructive? (Select two)

* Viruses can exploit zero days.
* Viruses can spread via social engineering techniques.

An adversary spoofs a victim's IP address and attempts to open connections with multiple servers. If those servers direct their SYN/ACK (Synchronize/Acknowledge) responses to the victim server, and rapidly consume the victim's bandwidth, what has happened?

A Distributed Reflection Denial of Service (DRDoS) attack

A social engineer convinced a victim to visit a malicious website, which allowed the attacker to exploit vulnerabilities on the victim's web browser. Which of the following best describes this type of attack?

A Man-in-the-Browser (MitB) attack

A malicious user sniffed credentials exchanged between two computers by intercepting communications between them. What type of attack did the attacker execute?

A Man-in-the-Middle attack

A residential internet consumer wants to add a wireless network to their home. To automate and simplify the setup process, the user installed a wireless access point capable of Wi-Fi Protected Setup (WPS) with an eight-character Personal Identification Number (PIN). What type of attack is this installation vulnerable to?

A brute force attack

To automate and simplify the setup process of adding a wireless network, a homeowner installed a wireless access point capable of Wi-Fi Protected Setup (WPS) with an eight-character Personal Identification Number (PIN). What type of attack can a hacker perform to exploit this vulnerability?

A brute force attack

An attacker facilitated a Man-in-the-Middle attack by requesting that the server use a lower specification protocol with weaker ciphers and key lengths. What type of attack does this describe?

A downgrade attack

What type of attack can facilitate a Man-in-the-Middle attack by requesting that the server use a lower specification protocol with weaker ciphers and key lengths?

A downgrade attack

An attacker remotely compromised a closed-circuit television (CCTV) server and used it to steal a user's password. Which of the following can help prevent this type of shoulder surfing?

A privacy filter

A hacker used a Man-in-the-Middle (MitM) attack to capture a user's authentication cookie. The attacker disrupted the legitimate user's session and then re-sent the valid cookie to impersonate the user and authenticate to the user's account. What type of attack is this?

A replay attack

Which of the following attacks consists of intercepting a key or password hash, to reuse it as a means to gain access to a resource?

A replay attack

A company's computer has a mobile device tethered to it, which creates a remote backdoor into the network. What does this device become?

A rogue access point (AP)

A security analyst's scans and network logs show that unauthorized devices are connecting to the network. After tracing this down, the analyst discovered a tethered smartphone creating a backdoor to gain access to the network. Which of the following describes this device?

A rogue access point (AP)

A code library was added to the registry, with its files placed in the system folder, so that it can intercept and redirect calls to enable legacy-mode functionality. This is a way that malware with local administrator privileges can run on reboot. Which of the following represents this code library?

A shim

By compromising a Windows XP application that ran on a Windows 10 machine, an attacker installed persistent malware on a victim computer with local administrator privileges. What should the attacker add to the registry, along with its files added to the system folder, to execute this malware?

A shim

An attacker exploited a vulnerability on a website frequently visited by a group of bank employees. Once the employees visit the site, the attacker's malware infects their computers. What type of attack did the employees fall for?

A watering hole attack

To crack a Wired Equivalent Privacy (WEP) access point (AP) by making the AP generate lots of initialization vector (IV) packets, which of the following types of packets does the attacker generate?

Address Resolution Protocol (ARP) packets

Which of the following types of packets does an attacker generate to crack a Wired Equivalent Privacy (WEP) access point?

Address Resolution Protocol (ARP) packets

Which of the following attacks would allow an attacker to sniff all traffic on a switched network?

Address Resolution Protocol (ARP) poisoning

A social engineer, after performing reconnaissance on a victim, spoofed the phone number of the doctor's office the target frequently visits. Posing as the receptionist, the attacker called the victim and requested the victim's Social Security Number (SSN). What type of social engineering attack did the social engineer exercise?

Authority

What type of brute force attack aims at exploiting collisions in hash functions?

Birthday attacks

An attacker came within close proximity of a victim and sent the mobile device user an unsolicited spam text message. Once the user clicked the link in the message, the user's device was infected with Trojan malware. What type of attack did the hacker most likely use to infect the mobile user?

Bluejacking

An attacker used an exploit to steal information from a mobile device, which allowed the attacker to circumvent the authentication process. Which of the following attacks is the mobile device vulnerable to?

Bluesnarfing

A user entered credentials into a web application login page. Unfortunately, the login form contained a malicious invisible iFrame that allowed the attacker to intercept the user's input. What type of attack is this known as?

Clickjacking

An attacker modified the HTML code of a legitimate password-change webform, then hosted the .html file on the attacker's web server. The attacker then emailed a URL link of the hosted file to a real user of the webpage. Once the user clicked the link, it changed the user's password to a value the attacker set. Based on this information, what type of attack is the website vulnerable to?

Cross-site Request Forgery (XSRF)

An attacker sent a victim an email with a link to a malicious website. The victim then clicked the link, which opened a malicious payload in the browser and changed the user's password on a legitimate website. What type of attack is the legitimate site vulnerable to?

Cross-site Request Forgery (XSRF)

An attacker discovered an input validation vulnerability on a website, crafted a URL that performed code injection against it, and emailed the link to the victim. Once the user clicked the link, the web site returned the page containing the malicious code. What type of attack does this describe?

Cross-site scripting (XSS)

An attacker hosted an exploit script on a malicious website and injected it into a trusted website. The attacker then sent the link to the victim and used open source information gathering (OSINT) and social engineering tactics, such as spear phishing, to convince the victim to click the link, which compromised the user browsing to the site. Which of the following best describes this type of attack?

Cross-site scripting (XSS)

Through backdoor Trojan malware infections, an attacker compromised multiple computers to form zombie agent PCs with tools to create a botnet. Which of the following attacks can the hacker launch?

Distributed Denial of Service (DDoS)

A hacker placed a false name:IP address mapping in the HOSTS file on a user's workstation to redirect traffic to the attacker's computer. What type of attack did the hacker perform?

Domain Name System (DNS) client cache poisoning

A hacker corrupted the name:IP records held on the HOSTS file on a server to divert traffic for a legitimate domain to a malicious IP address. What type of attack did the hacker perform?

Domain Name System (DNS) server cache poisoning

An attacker stole a website name by gaining control of and altering its registration information. The attacker then changed the IP address associated with the site, to the IP of a web server the attacker owned. What is this exploit of the website registration process known as?

Domain hijacking

A social engineer, impersonating a suppliant, rummaged through the garbage of a high-ranking loan officer, hoping to find discarded documents and removable media containing personally identifiable information (PII). Which of the following social engineering techniques did the attacker utilize?

Dumpster diving

Which of the following is a way to protect against birthday attacks?

Encryption algorithms, demonstrating collision avoidance

Which of the following attacks do security professionals expose themselves to if they turn the power output down on a wireless access point (AP)?

Evil twin attacks

A social engineer intercepted an end-user's phone call to an internet service provider (ISP) about a home internet outage. Pretending to be the caller reporting the outage, the attacker immediately contacted the ISP to cancel the service call, dressed up as an internet tech, and then proceeded to enter the end-user's home with permission. What type of social engineering attack did the ISP and end-user fall victim to?

Impersonation

If a social engineer dresses up as an internet technician, and then proceeds to enter a place of business once granted permission, what type of social engineering attack does this describe?

Impersonation

Which of the following, if implemented, will NOT help mitigate the threat of tailgating?

Installing non-discretionary privilege management

An attacker changed the physical address of the wireless adapter interface to redirect traffic destined for the legitimate user to the hacker's computer. What type of attack does this describe?

Media Access Control (MAC) spoofing

Which of the following does NOT provide encryption and is therefore vulnerable to eavesdropping and Man-in-the-Middle attacks?

NFC

If a system is vulnerable to which of the following can an attacker with system access obtain keys from system memory?

Privilege escalation

Which of the following attacks do security professionals expose themselves to if they do not salt passwords with a random value?

Rainbow table attacks

Through what method can malware evade antivirus software detection so that the software no longer identifies the malware by its signature?

Refactoring

A penetration tester cracked a company's Wired Equivalent Privacy (WEP) access point (AP) by making the AP generate a large amount of initialization vector (IV) packets, by replaying Address Resolution Protocol (ARP) packets at it. What type of attack did the pen tester use to crack the AP?

Replay

A group of college students receive a phone call from someone claiming to be from a debt consolidation firm. The solicitor tried to convince the students that for a limited time, a rare offer will expire, which could erase their student loan debt if they provide their Social Security Number and other personally identifiable information (PII). Which of the following tactics did the caller use?

Scarcity and urgency

An attacker installed a fraudulent Radio Frequency ID (RFID) reader to steal credit card numbers any time someone used a card to make a purchase. What type of attack does this describe?

Skimming

After a social engineer used Open Source Intelligence (OSINT) to gather information about the victim, the attacker then used this information to email the victim, personalizing the message and convincing the victim to click a malicious link. What type of social engineering attack does this describe?

Spear phishing

An end-user received a web pop-up that claimed to identify a virus infection on their computer. The pop-up offered a link to download a program to fix the problem. After clicking the link, the security operations center (SOC) received an alert from the computer that the user downloaded a Trojan. Which of the following is most likely true about the pop-up?

The tool claiming to fix the problem was actually a hoax attack.

A malicious actor discovered that a company's storing and processing of data were insecure. The attacker deciphered encrypted data without authorization and impersonated a person within the organization by appropriating their encryption keys. What type of critical vulnerability did the attacker exploit?

The use of weak cipher suites and implementations

After an attacker gathered Open Source Intelligence (OSINT) from a social media site on an employee, the attacker called the employee and extracted important information regarding the company the employee works for. Which of the following did the social engineer successfully perform?

Trust

A malicious user compromised a company's email server and bought a domain that was similar to the domain name of the company's bank. The attacker monitored the email server and altered the account numbers of legitimate pay-off notices from the bank. The attacker then used the fake domain to send the company the notices forged with the attacker's bank account number. Which of the following attacks did the attacker execute?

Typosquatting

If an attacker purchases a fake domain that has a similar name of a real domain, and then uses the fake domain to send the legitimate company forged notices by email, which of the following attacks did the malicious user perform?

Typosquatting

An attacker bought a domain similar to the domain name of a legitimate company. The attacker then used the fake domain to host malware and launch pharming attacks. Which of the following did the attacker use?

URL Hijacking

An attacker sends a phishing email to bank employees stating that their bank accounts have been compromised and that they need to click a link to change their passwords as soon as possible. Which of the following describes a social engineering technique the attacker used?

Urgency

Which of the following describes a social engineering technique an attacker can use if the attacker wanted the end-user to click on a link as soon as possible?

Urgency

An attacker performed a Denial of Service (DoS) attack against a server, crashing it. What could the attacker do to mask the origin of the attack and make it harder for the security team to find the source of the attack?

Use IP spoofing

In what way can an attacker NOT perform a Denial of Service (DoS) attack?

Use web application firewall processing rules to filter traffic.

Which of the following is a way that a Denial of Service (DoS) attack cannot be performed?

Use web application firewall processing rules to filter traffic.

A social engineer impersonated an IT security staff member of a company, and called an employee to extract personally identifiable information (PII) from the employee. Which of the following attacks did the impersonator conduct?

Vishing

A social engineer suspects that the upper management department of a company is more vulnerable to ordinary phishing attacks than the normal IT staff, since management staff are reluctant to learn basic security procedures. Therefore, the attacker crafted a campaign targeting these individuals. What type of attack did the social engineer perform?

Whaling
