Midterm SEC-110


What is the difference between a Trojan and a RAT?

A RAT gives the attacker unauthorized remote access to the victim's computer.

Zero-day vulnerabilities and configuration vulnerabilities can heavily impact a system if exploited. How should you differentiate between a zero-day vulnerability and a configuration vulnerability?

A zero-day vulnerability is an unknown vulnerability in released software that is found and exploited by a threat actor, whereas a configuration vulnerability is caused by improper settings in hardware or software.

Which tool is most commonly associated with state actors?

Advanced Persistent Threat (APT)

Which of the following describes state actors using advanced tools to infect a system to silently and slowly extract data?

Advanced persistent threat (APT)

Which of the following ensures that only authorized parties can view protected information?

Authorization

Which threat actor violates computer security for personal gain?

Black hat hackers

Gabriel's sister called him about a message that suddenly appeared on her screen that says her software license has expired and she must immediately pay $500 to have it renewed before control of the computer will be returned to her. What type of malware has infected her computer?

Blocking ransomware

Which threat actor sells their knowledge to other attackers or governments?

Brokers

Which group is responsible for the Cloud Control Matrix?

CSA

Which of the following attacks is based on the principle that when a user is currently authenticated on a website and then loads another webpage, the new page inherits the identity and privileges of the first website?

CSRF

Jack is appointed on a security farm as an information security officer. The network of the company comprises many varieties of operating systems and application software. During an external security audit, a gap was discovered: The company does not have any framework or governing guidelines to define security defenses for protecting the operating systems, underlying services, and application software. Which framework or set of guidelines should Jack adopt to cover this gap?

Center of Internet Security (CIS) Benchmarks

Which organization's goal is to define and raise awareness of best practices that help secure cloud computing environments?

Cloud Security Alliance (CSA)

Alice is a vulnerability assessment consultant. She was assigned to scan all database servers for vulnerabilities, during which she found a bunch of vulnerabilities. What are the most appropriate parameters that she should consider while prioritizing the top vulnerabilities that need to be fixed?

Common Vulnerability Scoring System (CVSS) score and true positivity

What are advantages of crowdsourced penetration testing?

Conducting multiple tests simultaneously; faster testing; ability to rotate teams; but it's expensive

Unsecure protocols are classified as which type of vulnerability?

Configuration Vulnerability

In an interview, the interviewer introduced the following scenario: An enterprise is hosting all its computing resources on a cloud platform, and you need to identify which vulnerability is most likely to occur.

Configuration vulnerability

Which of the following vulnerability scans are slower but can provide deeper insight into the system by accessing a wider range of the installed software and examining the software's configuration settings and current security posture?

Credentialed vulnerability scans

Marius's team leader has just texted him that an employee, who violated company policy by bringing in a file on her USB flash drive, has just reported that her computer is suddenly locked up with cryptomalware. Why would Marius consider this a dangerous situation?

Cryptomalware can encrypt all files on any network that is connected to the employee's computer

Recently, a computerized electrical power supply unit failed due to a cyberattack. This resulted in a power grid disruption for an entire region of the country. In your study on the attack, how should you categorize the threat actor(s)?

Cyberterrorist

Which of the following is an attack vector used by threat actors to penetrate a system?

Email

Which of the following is the most common method for delivering malware?

Email

What word is used today to refer to network-connected hardware devices?

Endpoint

Which feature of a security information and event management (SIEM) tool can help filter multiple alerts detected by different devices for the same event into a single alarm?

Event duplication

Which type of malware relies on LOLBins?

Fileless virus

Hacktivists and state actors are huge threats to government systems. What is the main difference between hacktivists and state actors?

Hacktivists misuse a computer system or network for socially or politically motivated reasons, whereas state actors are covertly sponsored by a government to attack its foes.

Botnets or zombie networks

Hordes of surreptitiously infiltrated computers, linked and controlled remotely. They can be used for spam, malware, and ad fraud, but not for fileless viruses or email

Which of the following is a social engineering attack that uses social media and other sources to achieve its goal?

Hybrid warfare influence campaign

Which ISO contains controls for managing and controlling risk?

ISO 31000

What would be considered the result of a logic bomb?

If the company's stock price drops below $50, then credit Oscar's retirement account with one additional year of retirement credit; delete all human resource records regarding Augustine one month after he leaves the company; erase the hard drives of all the servers 90 days after Alfredo's name is removed from the list of current employees. NOT: send an email each Monday morning with the agenda of that week's department meeting

Which of the following is not something that a SIEM can perform?

Incident response

Threat actors focused on financial gain often attack which of the following main target categories?

Individual Users

Which of the following of the CIA Triad ensures that the information is correct, and no unauthorized person has altered it?

Integrity

Josh is researching the different types of attacks that can be generated through a botnet. Which of the following would NOT be something distributed by a botnet?

LOLBins, because they are used by fileless viruses

How can a threat actor tunnel through a network, using advanced privileges they've accessed, and look for additional systems that can be accessed from elevated positions?

Lateral movement

When researching how an attack recently took place, Nova discovered that the threat actor, after penetrating the system, started looking to move through the network with their elevated position. What is the name of this technique?

Lateral movement

What are characteristics of malware?

Launch, Deceive, Imprison

Which of the following types of platforms is known for its vulnerabilities due to age?

Legacy platform

Which of the following is not used to describe those who attack computer systems?

Malicious agent (hackers, attackers, and threat actors are terms that do describe those who attack computer systems)

Which of the following frameworks is used by most companies as a measuring stick to compare their cybersecurity practices to the threats that they face?

NIST Cybersecurity Framework

Which of the following is a standard for the handling of customer card information?

PCI DSS

Randall's roommate is complaining to him about all of the software that came pre-installed on his new computer. He doesn't want the software because it slows down the computer. What type of software is this?

PUP

What is an officially released software security update intended to repair a vulnerability called?

Patch

Seo-jun is a bug bounty hunter. He was hired by an industrial organization to damage the network's security defenses as much as possible. Seo-jun gained initial access to a system in the network by sending a spear-phishing email into the network that installed a virus. What sequence of actions should he perform to achieve repeated and long-term access to multiple systems in the network with a highly privileged account?

Perform privilege escalation, then lateral movement, and then perform backdoor installation

Social engineering is a means of eliciting information by relying on the weakness of individuals. How should you differentiate between the social engineering techniques of phishing and pharming?

Phishing involves sending an email message or displaying a web announcement that falsely claims to be from a legitimate enterprise, whereas pharming is a redirection technique that attempts to exploit how a URL is converted into its corresponding IP address.

Which of the following is a social engineering method that attempts to influence the subject before the event occurs?

Prepending

Which of the following is false about the CompTIA Security+ certification?

Professionals who hold the Security+ certification earn about the same or slightly less than security professionals who have not achieved this certification.

Which of the following are developed by established professional organizations or government agencies using the expertise of seasoned security professionals?

Regulations

Which is the final rule of engagement that would be conducted in a pen test?

Reporting

MegaCorp is a multinational enterprise. Their customer payment files were recently stolen and sold on the black market. Customers have reported that their credit cards are being charged for fraudulent purchases made in countries where they do not live and have never been. What is the most likely impact on MegaCorp from this attack?

Reputation loss

What are the documents that are authored by technology bodies employing specialists, engineers, and scientists who are experts in those areas?

Requests for comments (RFCs)

Which of the following can automate an incident response?

SOAR

Tuva's supervisor wants to share a recent audit outside the organization. Tuva warns him that this type of audit can only be read by those within the organization. What audit does Tuva's supervisor want to distribute?

SSAE SOC 2 Type II

In cybersecurity, a threat actor is an individual or an entity responsible for cyber incidents against the technical equipment of enterprises and users. How should you differentiate an attack by a script kiddie from that of a gray hat hacker?

Script kiddies use automated attack software created by other hackers for personal gain, whereas gray hat hackers create their own attack software to showcase vulnerabilities present in a system to the world.

Which of the following is true regarding the relationship between security and convenience?

Security and convenience are inversely proportional

Which of the following is true regarding security?

Security is a process and a goal, and it includes the necessary steps to protect from harm.

After Bella earned her security certification, she was offered a promotion. As she reviewed the job responsibilities, she saw that in this position she will report to the CISO and will be a supervisor over a group of security technicians. Which of these generally recognized security positions has she been offered?

Security manager

A threat actor employed by the victimized organization is referred to as which of the following? Employees who become frustrated with the slow pace of acquiring technology, so they purchase and install their own equipment or resources, violating company policies.

Shadow IT

What is a variation of a common social engineering attack targeting a specific user?

Spear phishing

Which of the following groups use Advanced Persistent Threats?

State actors

Over the last few years, an organization has brought up the need to replace old systems. While the organization has made these old systems function with various workarounds, custom middleware applications, and other methods to make up for their shortcomings, it has become increasingly apparent that they need to be replaced soon. Which of the following security concerns does the company face if they continue to use the outdated systems?

The age of the system means they run on outdated OSs that are no longer supported, making security updates impossible to install.

How do vendors decide which should be the default settings on a system?

Those settings that provide the means by which the user can immediately begin to use the product.

Which premise is the foundation of threat hunting?

Threat actors have already infiltrated our network.

What is the sequence of the rules of engagement during a penetration testing attack?

Timing, scope, authorization, exploitation, communication, clean up, reporting

What is the primary difference in the goals of vulnerability scanning and penetration testing, respectively?

To identify risks by scanning systems and networks; to gain unauthorized access and exploit vulnerabilities

What is an objective of state-sponsored attackers?

To spy on citizens

A weakest link vulnerability can be caused by mismanagement of which of the following?

Vendor management

Your company's Accounts Payable department reports that an invoice was marked as paid, but the vendor has shown proof they never received any of the $783,296 payment. Accounts Payable confirms that the amount was deducted from the company's accounts, but the recipient account number does not match the vendor's. After an investigation, you discover that the invoice was paid by the Chief Financial Officer. He says he paid the invoice after receiving an after-hours, past-due invoice from the vendor claiming that they would be filing a civil action in court the next morning. Rather than wait for Accounts Payable to come in the next day and verify the invoice date, the CFO immediately paid the full amount. Which type of social engineering attack was your company most likely the victim of?

Whaling

What type of hacker will probe a system for weaknesses and then privately provide that information back to the organization?

White hat hackers

Which of the following is known as a network virus?

Worm

Which of the following attacks is based on a website accepting user input without sanitizing it?

XSS

Another name for footprinting

active reconnaissance

What penetration testing level name is given to testers who have no knowledge of the network and no special privileges?

black box

What is the category of threat actors that sell their knowledge of vulnerabilities to other attackers or governments?

brokers

Patching vulnerability

can occur when a vulnerability present in a released system cannot be effectively patched. Embedded devices are riddled with vulnerabilities and there is no good way to patch them.

Your company recently purchased routers with new and updated features and deployed them in the highly secure enterprise network without changing the default settings. A few days later, the enterprise network suffered a data breach, and you are assigned to prepare a report on the data breach. Which of the following vulnerabilities should you identify as the source of the breach?

configuration vulnerability

Which of the following is an issue with patching?

delays in patching OSs; few patches exist for application software; difficulty patching firmware; patches do not address zero-day vulnerabilities

Luna is reading a book about the history of cybercrime. She read that the very first cyberattacks that occurred were mainly for what purpose?

fame

What is it called when a threat actor steals personally identifiable information for the purpose of impersonating someone else?

identity theft

Credential Harvesting

is a form of reconnaissance used by threat actors to gain more information about their victims before committing identity fraud.

Cyberterrorism/ Cyberterrorists

is an attack on a nation's network and computer infrastructure to cause disruption and panic among citizens.

System integration

is the connectivity between the organization and a third party.

What are general information sources that can provide valuable in-depth information on cybersecurity?

local industry groups; vendor websites, conferences

Characteristic of a penetration test

may use internal employees or external consultants; finds deep vulnerabilities; performed occasionally; not automated

Reasons why a legacy platform has not been updated?

neglect, limited hardware capacity, and the application only operates on a specific OS version

Ebba has received a new initiative for her security team to perform an in-house penetration test. What is the first step that Ebba should undertake?

planning

You work for an enterprise that provides various cybersecurity services. You are assigned to examine an enterprise's network and suggest security measures modifications, if necessary. On examining the network, you find that the enterprise hosts most of its computing resources on a cloud platform and few resources on-premises, and both seem to have secure settings implemented. You also find that the enterprise computers use the Windows XP operating system. Which of the following vulnerabilities should you insist on fixing first?

platform vulnerability

Linnea has requested to be placed on the penetration testing team that scans for vulnerabilities to exploit them. Which team does she want to be placed on?

red team

Tilde is working on a contract with the external penetration testing consultants. She does not want any executives to receive spear-phishing emails. Which rule of engagement would cover this limitation?

scope

Which of the following groups have the lowest level of technical knowledge?

script kiddies

Which of the following is how a bot communicates with a C&C device?

signing in to a third-party website; commands sent through Twitter posts; signing in to a website the bot herder operates; but not through email

Which of the following is a recognized attack vector?

social media, supply chain, email

What is the term used to describe the connectivity between an organization and a third party?

system integration

A security manager works on

tasks identified by the CISO and resolves issues identified by technicians

Lykke's supervisor is evaluating whether to use internal security employees to conduct a penetration test. Lykke does not consider this a good idea and has created a memo with several reasons they should not be used. Which of the following would NOT be part of that memo?

they may lack expertise; the employees could have inside knowledge of the network that would give them an advantage; employees may have a reluctance to reveal a vulnerability.

Complete this definition of information security: That which protects the integrity, confidentiality, and availability of information _____.

through products, people, and procedures on the devices that store, manipulate, and transmit the information

Legacy Platform Vulnerabilities

use insufficient hardware; the security of communications between them and more modern devices is not a security concern.

Your enterprise experienced several technical issues over the last few days. There were multiple instances of passwords needing to be changed and other issues causing downtime. Management has started receiving voicemails regarding fraudulent activities on their accounts. While the voicemails sound authentic, the help desk concludes that they are fake. What type of malicious activity will this be considered?

vishing

Attackers have taken over a site commonly used by an enterprise's leadership team to order new raw materials. The site is also visited by leadership at several other enterprises, so taking over this site will allow for attacks on many organizations. Which type of malicious activity is this?

watering hole

Which of the following is a configuration vulnerability?

weak encryption

Your company is considering updating several electronic devices used in the enterprise network. The third-party service provider that your company approached says that they require access to the enterprise network in order to implement the updates. As the chief information security officer, you are asked to analyze the requirement and submit a report on potential vulnerabilities when giving a third-party access to the network. What vulnerabilities should you list as the most likely to affect the enterprise network?

weakest link
