Security + Study Questions
Which of the following is a CLI packet sniffer?
tcpdump
A wireless disassociation attack is a type of:
denial-of-service (DoS) attack
Frequency bands for IEEE 802.11 networks include: (Select 2 answers)
2.4 GHz and 5.0 GHz
Which of the acronyms listed below refers to a set of rules that specify which users or system processes are granted access to objects as well as what operations are allowed on a given object?
ACL
Which of the following answers applies to a Rule-Based Access Control (RBAC) mechanism implemented on routers, switches, and firewalls?
ACL
Which part of the IPsec protocol suite provides authentication and integrity?
AH
Which cryptographic attack relies on the concepts of probability theory?
Birthday
The practice of sending unsolicited messages over Bluetooth is called:
Bluejacking
Gaining unauthorized access to a Bluetooth device is referred to as:
Bluesnarfing
A situation in which an application writes to an area of memory that it is not supposed to access is referred to as:
Buffer overflow
A type of trusted third party that issues digital certificates used for creating digital signatures and public-private key pairs is known as:
CA
Which of the following solutions allow to check whether a digital certificate has been revoked?
CRL and OCSP
Which type of attack allows for tricking a user into sending unauthorized commands to a web application? (Select 2 answers) --> IRC, CRSF, XSS, XSRF, CSR
CRSF and XSRF
Which of the answers listed below refers to a method for requesting a digital certificate?
CSR
Which of the following terms best describes a type of threat actor that engages in illegal activities to get the know-how and gain market advantage?
Competitors
A collection of recompiled functions designed to be used by more than one Microsoft Windows application simultaneously to save system resources is known as:
DLL
What is DLP
Data loss prevention (DLP) systems attempt to detect and block data exfiltration attempts. These systems have the capability of scanning data looking for keywords and data patterns.
A predefined username/password on a brand new wireless router is an example of:
Default configuration
Which password attack takes advantage of a predefined list of words?
Dictionary attack
Which of the following answers refers to a common antenna type used as a standard equipment on most Access Points (APs) for indoor Wireless Local Area Network (WLAN) deployments?
Dipole antenna
Which of the IPsec protocols provides authentication, integrity, and confidentiality?
ESP
A situation where cryptographic hash function produces two different digests for the same data input is referred to as hash collision(T/F?)
False
Cross-site request forgery (CSRF/XSRF) is a security exploit that allows for infecting a website with malicious code. The malicious code, often in the form of JavaScript, can then be sent to the unsuspecting user and executed via the user's web browser application. (T/F??)
False
Which of the answers listed below refers to a piece of hardware and associated software/firmware designed to provide cryptographic functions?
HSM
A security mechanism that allows HTTPS websites to resist impersonation by attackers using fraudulent certificates is called:
HTTP Public Key Pinning (HPKP)
An IDS that detects intrusions by comparing network traffic against the previously established baseline can be classified as
Heuristic, Anomaly-based, and Behavioral
What is the purpose of steganography?
Hiding data within another piece of data
Which statements best describe the attributes of an APT? (Select 3 answers)
High level of technical sophistication, Extensive amount of resources/funding, and actors are governments/nation states
Which of the answers listed below illustrates the difference between passive and active security breach response?
IDS vs. IPS
Which of the following answers applies to a situation where an Ethernet switch acts as an authenticator for devices that intend to connect to a network through one of its ports?
IEEE 802.1X
Which of the following factors pose the greatest risk for embedded systems?
Inadequate vendor support and default configurations
Which of the acronyms listed below refers to a cryptographic attack where the attacker has access to both the plaintext and its encrypted version?--> KEK, POODLE, KPA, CSRF
KPA
A trusted third-party storage solution providing backup source for cryptographic keys is referred to as:
Key Escrow
Malicious code activated by a specific event is called:
Logic bomb
Which statements best describe the attributes of a script kiddie?
Low level of technical sophistication and lack of extensive resources/funding
Which of the following answers refer to the implementations of NAC? (Select 2 answers)
MAC filter and 802.1X
A network security access control method whereby the 48-bit physical address assigned to each network card is used to determine access to the network is known as:
MAC filtering
A type of device that translates data between different communication formats is called:
Media Gateway
Which of the answers listed below is an example of exploitation framework?
Metasploit
What is the name of a Linux distribution commonly used as a target system for practicing penetration testing techniques?
Metasploitable
Which of the following network security solutions inspects network traffic in real-time and has the capability to stop the ongoing attack?
NIPS
What is the fastest way for validating a digital certificate?
OCSP
A social engineering technique whereby attackers under disguise of a legitimate request attempt to gain access to confidential information they shouldn't have access to is commonly referred to as:
Phishing
The practice of optimizing existing computer code without changing its external behavior is known as:
Refactoring
Which of the answers listed below refer to examples of PKI trust models?
Single CA model, Hierarchical model, mesh model, web of trust model, client-server mutual authentication model
IP spoofing and MAC spoofing rely on falsifying what type of address?
Source address
Which of the answers listed below refers to a data link layer (layer 2) device designed to forward data packets between Local Area Network (LAN) segments?
Switch
An effective asset management process provides countermeasures against:
System sprawl, Undocumented assets and Architecture and design weaknesses
Which of the following facilitate(s) privilege escalation attacks? (Select all that apply) --> System/application vulnerability, DDoS, System/application misconfiguration, Attribute-Based Access Control (ABAC), and social engineering techniques
System/application vulnerability, System/application misconfiguration, and social engineering techniques
A type of architecture in which most of the network configuration settings of an Access Point (AP) are set and managed with the use of a central switch or controller is called:
Thin AP
What is the best countermeasure against social engineering?
User Education
An IPsec mode providing encryption only for the payload (the data part of the packet) is known as:
Transport mode
Which of the IPsec modes provides entire packet encryption?
Tunnel
What type of device would be the most convenient for interconnecting two or more physically separated network segments?
Wireless Bridge
Vulnerability scanning:
identifies lack of security control, common misconfigurations, and Passively tests security controls
Which applies to a request that doesn't match the criteria defined in a ACL?
implicit deny rule
After feeding an input form field with incorrect data, a hacker gets access to debugger info providing extensive description of the error. This situation is an example of:
improper error handling
What describes a programming error where an application tries to store a numeric value in a variable that is too small to hold it?
integer overflow
A situation in which a web form field accepts data other than expected (e.g. server commands) is an example of:
Improper input validation
Which of the following violates the principle of least privilege?
Improperly configured accounts
Which of the following tools offers the functionality of a configuration compliance scanner?
Nessus
In a round-robin method, each consecutive request is handled by:
Next server in a cluster
Which type of Trojan enables unauthorized remote access to a compromised system
RAT
Which of the following wireless technologies enables identification and tracking of tags attached to objects?
RFID
A malfunction in preprogrammed sequential access to a shared resource is described as:
Race Condition
Which of the terms listed below refers to an example of a crypto-malware? --> Backdoor, Ransomware, Keylogger, Rootkit
Ransomware
A technology that allows for real-time analysis of security alerts generated by network hardware and applications is known as:
SIEM
Which of the following protocols provide protection against switching loops? (Select 2 answers)
STP and RSTP
A common example of channel overlapping in wireless networking could be the 2.4 GHz band used in 802.11 networks, where the 2.401 - 2.473 GHz frequency range is used for allocating 11 channels, each taking up a 22-MHz portion of the available spectrum. Setting up a wireless network to operate on a non-overlapping channel (1, 6, and 11 in this case) allows multiple networks to coexist in the same area without causing interference. (T/F)
True
An IP address that doesn't correspond to any actual physical network interface is called a virtual IP address (VIP/VIPA). (T/F)
True
Rainbow tables are lookup tables used to speed up the process of password guessing.(T/F?)
True
The term "Domain hijacking" refers to a situation in which a domain registrant due to unlawful actions of third parties loses control over his/her domain name. (T/F?)
True
The term "Evil twin" refers to a rogue Wireless Access Point (WAP) set up for eavesdropping or stealing sensitive user data. Evil twin replaces the legitimate access point and by advertising its own presence with the same Service Set Identifier (SSID, a.k.a. network name) appears as a legitimate access point to connecting hosts. (T/F?)
True
Which of the following answers refer to highly directional antenna types used for long-range point-to-point bridging links? (Select 2 answers)
Unidirectional and Dish Antenna
Which of the following statements describing the functionality of SIEM is not true?
Use of rewritable storage media
An attacker managed to associate his/her MAC address with the IP address of the default gateway. In result, a targeted host is sending network traffic to the attacker's IP address instead of the IP address of the default gateway. Based on the given info, which type of attack is taking place in this scenario?
ARP poisoning
Which of the following statements describe the function of a forward proxy? (Select 2 answers)
Acts on behalf of client and hides the identity of a client
Which of the statements listed below describe the function of a reverse proxy? (Select 2 answers)
Acts on behalf of server and hides the identity of a server
A company's security policy requires all employee devices to have a software installed that would run as a background service on each device and perform host security health checks before granting/denying it access to the corporate intranet. Based on the given description, which of the answers listed below can be used to describe the software's features? (Select 2 answers)
Agent-based and Permanent
A type of exploit that relies on overwriting contents of memory to cause unpredictable results in an application is known as:
Buffer overflow
Penetration testing:
Bypasses security controls Actively tests security controls Exploits vulnerabilities
What are the characteristic features of a transparent proxy? (Select all that apply)
Doesn't require client-side configuration, Redirects client's requests and responses without modifying them, and clients might be unaware of the proxy service.
In penetration testing, active reconnaissance involves gathering any type of publicly available information that can be used later for exploiting vulnerabilities found in the targeted system. (T/F)
False
SSL/TLS accelerators are used to decode secure communication links for the purpose of content inspection. (T/F)
False
Stateless inspection is a firewall technology that keeps track of network connections and based on the collected data determines which network packets should be allowed through the firewall. (T/F)
False
VPNs can be either remote-access (used for connecting networks) or site-to-site (used for connecting a computer to a network). (T/F)
False
An attacker impersonating a software beta tester replies to a victim's post in a forum thread discussing the best options for affordable productivity software. A while later, he/she follows up by sending the victim private message mentioning the discussion thread and offering free access to a closed beta version of a fake office app. Which social engineering principles apply to this attack scenario? (Select 3 answers)
Familiarity, Trust and Scarcity
Which of the statements listed below describe the purpose behind collecting OSINT?
Gaining advantage over competitors, Preparation before launching a cyberattack, and Passive reconnaissance in penetration testing
Examples of secure VPN tunneling protocols include: (Select 2 answers)
IPsec and TLS
Which of the following authentication protocols offer(s) countermeasures against replay attacks?
IPsec, Kerbros, CHAP
A type of wireless attack designed to exploit vulnerabilities of WEP is known as:
IV attack
Which of the following allows for checking digital certificate revocation status without contacting Certificate Authority (CA)?
OCSP stapling
Which of the antenna types listed below provide a 360-degree horizontal signal coverage? (Select 2 answers)
Omnidirectional and dipole antenna
Which of the following terms best describes a threat actor type whose sole intent behind breaking into a computer system or network is monetary gain?
Organized Crime
Which of the following answers lists an example of a cryptographic downgrade attack?--> MITM, KPA,POODLE, XSRF
POODLE
A security administrator configured an IDS to receive traffic from a network switch via port mirroring. Which of the following terms can be used to describe the operation mode of the IDS? (Select 2 answers)
Passive, and out-of-band
A fraudulent email requesting its recipient to reveal sensitive information (e.g. username and password) used later by an attacker for the purpose of identity theft is an example of: (Select all that apply)
Phishing and Social Engineering
In penetration testing, the practice of using one compromised system as a platform for further attacks on other systems on the same network is known as:
Pivoting
A software tool used for capturing and examining contents of the network traffic is known as:
Protocol Analyzer
In computer networking, a computer system or an application that acts as an intermediary between another computer and the Internet is commonly referred to as:
Proxy
Which of the terms listed below refer(s) to software/hardware driver manipulation technique(s) that might be used to enable malware injection? (Select all that apply)--> refactoring, sandboxing, fuzz testing, shimming, sideloading,
Refactoring and Shimming
What type of IP address would be assigned to a software-based load balancer to handle an Internet site hosted on several web servers, each with its own private IP address?
Virtual IP address
Which of the tools listed below would be of help in troubleshooting signal loss and low wireless network signal coverage?
WAP power level controls
Which of the terms listed below refers to computer data storage systems, data storage devices, and data storage media that can be written to once, but read from multiple times?
WORM
Which of the following security protocols is the least susceptible to wireless replay attacks?--> WPA2-CCMP, WPA-TKIP, WPA2-PSK, WPA-CCMP, WPA2-TKIP
WPA2-CCMP
A solution that simplifies configuration of new wireless networks by allowing non-technical users to easily configure network security settings and add new devices to an existing network is known as:
WPS
Which of the terms listed below refers to a platform used for watering hole attacks?--> Mail Gateways, Websites, PBX systems, Web browsers
Websites
Which of the following tools would be used to perform a site survey?
Wireless scanner
Which of the tools listed below would be used to detect a rogue AP?
Wireless scanner
A standalone malicious computer program that typically propagates itself over a computer network to adversely affect system resources and network bandwidth is called:
Worm
What describes an attempt to read a variable that stores a null value?
pointer dereference
A device designed to filter and transfer IP packets between dissimilar types of computer networks is called:
router