Security + Study Questions

Ace your homework & exams now with Quizwiz!

Which of the following is a CLI packet sniffer?

tcpdump

A wireless disassociation attack is a type of:

denial-of-service (DoS) attack

Frequency bands for IEEE 802.11 networks include: (Select 2 answers)

2.4 GHz and 5.0 GHz

Which of the acronyms listed below refers to a set of rules that specify which users or system processes are granted access to objects as well as what operations are allowed on a given object?

ACL

Which of the following answers applies to a Rule-Based Access Control (RBAC) mechanism implemented on routers, switches, and firewalls?

ACL

Which part of the IPsec protocol suite provides authentication and integrity?

AH

Which cryptographic attack relies on the concepts of probability theory?

Birthday

The practice of sending unsolicited messages over Bluetooth is called:

Bluejacking

Gaining unauthorized access to a Bluetooth device is referred to as:

Bluesnarfing

A situation in which an application writes to an area of memory that it is not supposed to access is referred to as:

Buffer overflow

A type of trusted third party that issues digital certificates used for creating digital signatures and public-private key pairs is known as:

CA

Which of the following solutions allow to check whether a digital certificate has been revoked?

CRL and OCSP

Which type of attack allows for tricking a user into sending unauthorized commands to a web application? (Select 2 answers) --> IRC, CRSF, XSS, XSRF, CSR

CRSF and XSRF

Which of the answers listed below refers to a method for requesting a digital certificate?

CSR

Which of the following terms best describes a type of threat actor that engages in illegal activities to get the know-how and gain market advantage?

Competitors

A collection of recompiled functions designed to be used by more than one Microsoft Windows application simultaneously to save system resources is known as:

DLL

What is DLP

Data loss prevention (DLP) systems attempt to detect and block data exfiltration attempts. These systems have the capability of scanning data looking for keywords and data patterns.

A predefined username/password on a brand new wireless router is an example of:

Default configuration

Which password attack takes advantage of a predefined list of words?

Dictionary attack

Which of the following answers refers to a common antenna type used as a standard equipment on most Access Points (APs) for indoor Wireless Local Area Network (WLAN) deployments?

Dipole antenna

Which of the IPsec protocols provides authentication, integrity, and confidentiality?

ESP

A situation where cryptographic hash function produces two different digests for the same data input is referred to as hash collision(T/F?)

False

Cross-site request forgery (CSRF/XSRF) is a security exploit that allows for infecting a website with malicious code. The malicious code, often in the form of JavaScript, can then be sent to the unsuspecting user and executed via the user's web browser application. (T/F??)

False

Which of the answers listed below refers to a piece of hardware and associated software/firmware designed to provide cryptographic functions?

HSM

A security mechanism that allows HTTPS websites to resist impersonation by attackers using fraudulent certificates is called:

HTTP Public Key Pinning (HPKP)

An IDS that detects intrusions by comparing network traffic against the previously established baseline can be classified as

Heuristic, Anomaly-based, and Behavioral

What is the purpose of steganography?

Hiding data within another piece of data

Which statements best describe the attributes of an APT? (Select 3 answers)

High level of technical sophistication, Extensive amount of resources/funding, and actors are governments/nation states

Which of the answers listed below illustrates the difference between passive and active security breach response?

IDS vs. IPS

Which of the following answers applies to a situation where an Ethernet switch acts as an authenticator for devices that intend to connect to a network through one of its ports?

IEEE 802.1X

Which of the following factors pose the greatest risk for embedded systems?

Inadequate vendor support and default configurations

Which of the acronyms listed below refers to a cryptographic attack where the attacker has access to both the plaintext and its encrypted version?--> KEK, POODLE, KPA, CSRF

KPA

A trusted third-party storage solution providing backup source for cryptographic keys is referred to as:

Key Escrow

Malicious code activated by a specific event is called:

Logic bomb

Which statements best describe the attributes of a script kiddie?

Low level of technical sophistication and lack of extensive resources/funding

Which of the following answers refer to the implementations of NAC? (Select 2 answers)

MAC filter and 802.1X

A network security access control method whereby the 48-bit physical address assigned to each network card is used to determine access to the network is known as:

MAC filtering

A type of device that translates data between different communication formats is called:

Media Gateway

Which of the answers listed below is an example of exploitation framework?

Metasploit

What is the name of a Linux distribution commonly used as a target system for practicing penetration testing techniques?

Metasploitable

Which of the following network security solutions inspects network traffic in real-time and has the capability to stop the ongoing attack?

NIPS

What is the fastest way for validating a digital certificate?

OCSP

A social engineering technique whereby attackers under disguise of a legitimate request attempt to gain access to confidential information they shouldn't have access to is commonly referred to as:

Phishing

The practice of optimizing existing computer code without changing its external behavior is known as:

Refactoring

Which of the answers listed below refer to examples of PKI trust models?

Single CA model, Hierarchical model, mesh model, web of trust model, client-server mutual authentication model

IP spoofing and MAC spoofing rely on falsifying what type of address?

Source address

Which of the answers listed below refers to a data link layer (layer 2) device designed to forward data packets between Local Area Network (LAN) segments?

Switch

An effective asset management process provides countermeasures against:

System sprawl, Undocumented assets and Architecture and design weaknesses

Which of the following facilitate(s) privilege escalation attacks? (Select all that apply) --> System/application vulnerability, DDoS, System/application misconfiguration, Attribute-Based Access Control (ABAC), and social engineering techniques

System/application vulnerability, System/application misconfiguration, and social engineering techniques

A type of architecture in which most of the network configuration settings of an Access Point (AP) are set and managed with the use of a central switch or controller is called:

Thin AP

What is the best countermeasure against social engineering?

User Education

An IPsec mode providing encryption only for the payload (the data part of the packet) is known as:

Transport mode

Which of the IPsec modes provides entire packet encryption?

Tunnel

What type of device would be the most convenient for interconnecting two or more physically separated network segments?

Wireless Bridge

Vulnerability scanning:

identifies lack of security control, common misconfigurations, and Passively tests security controls

Which applies to a request that doesn't match the criteria defined in a ACL?

implicit deny rule

After feeding an input form field with incorrect data, a hacker gets access to debugger info providing extensive description of the error. This situation is an example of:

improper error handling

What describes a programming error where an application tries to store a numeric value in a variable that is too small to hold it?

integer overflow

A situation in which a web form field accepts data other than expected (e.g. server commands) is an example of:

Improper input validation

Which of the following violates the principle of least privilege?

Improperly configured accounts

Which of the following tools offers the functionality of a configuration compliance scanner?

Nessus

In a round-robin method, each consecutive request is handled by:

Next server in a cluster

Which type of Trojan enables unauthorized remote access to a compromised system

RAT

Which of the following wireless technologies enables identification and tracking of tags attached to objects?

RFID

A malfunction in preprogrammed sequential access to a shared resource is described as:

Race Condition

Which of the terms listed below refers to an example of a crypto-malware? --> Backdoor, Ransomware, Keylogger, Rootkit

Ransomware

A technology that allows for real-time analysis of security alerts generated by network hardware and applications is known as:

SIEM

Which of the following protocols provide protection against switching loops? (Select 2 answers)

STP and RSTP

A common example of channel overlapping in wireless networking could be the 2.4 GHz band used in 802.11 networks, where the 2.401 - 2.473 GHz frequency range is used for allocating 11 channels, each taking up a 22-MHz portion of the available spectrum. Setting up a wireless network to operate on a non-overlapping channel (1, 6, and 11 in this case) allows multiple networks to coexist in the same area without causing interference. (T/F)

True

An IP address that doesn't correspond to any actual physical network interface is called a virtual IP address (VIP/VIPA). (T/F)

True

Rainbow tables are lookup tables used to speed up the process of password guessing.(T/F?)

True

The term "Domain hijacking" refers to a situation in which a domain registrant due to unlawful actions of third parties loses control over his/her domain name. (T/F?)

True

The term "Evil twin" refers to a rogue Wireless Access Point (WAP) set up for eavesdropping or stealing sensitive user data. Evil twin replaces the legitimate access point and by advertising its own presence with the same Service Set Identifier (SSID, a.k.a. network name) appears as a legitimate access point to connecting hosts. (T/F?)

True

Which of the following answers refer to highly directional antenna types used for long-range point-to-point bridging links? (Select 2 answers)

Unidirectional and Dish Antenna

Which of the following statements describing the functionality of SIEM is not true?

Use of rewritable storage media

An attacker managed to associate his/her MAC address with the IP address of the default gateway. In result, a targeted host is sending network traffic to the attacker's IP address instead of the IP address of the default gateway. Based on the given info, which type of attack is taking place in this scenario?

ARP poisoning

Which of the following statements describe the function of a forward proxy? (Select 2 answers)

Acts on behalf of client and hides the identity of a client

Which of the statements listed below describe the function of a reverse proxy? (Select 2 answers)

Acts on behalf of server and hides the identity of a server

A company's security policy requires all employee devices to have a software installed that would run as a background service on each device and perform host security health checks before granting/denying it access to the corporate intranet. Based on the given description, which of the answers listed below can be used to describe the software's features? (Select 2 answers)

Agent-based and Permanent

A type of exploit that relies on overwriting contents of memory to cause unpredictable results in an application is known as:

Buffer overflow

Penetration testing:

Bypasses security controls Actively tests security controls Exploits vulnerabilities

What are the characteristic features of a transparent proxy? (Select all that apply)

Doesn't require client-side configuration, Redirects client's requests and responses without modifying them, and clients might be unaware of the proxy service.

In penetration testing, active reconnaissance involves gathering any type of publicly available information that can be used later for exploiting vulnerabilities found in the targeted system. (T/F)

False

SSL/TLS accelerators are used to decode secure communication links for the purpose of content inspection. (T/F)

False

Stateless inspection is a firewall technology that keeps track of network connections and based on the collected data determines which network packets should be allowed through the firewall. (T/F)

False

VPNs can be either remote-access (used for connecting networks) or site-to-site (used for connecting a computer to a network). (T/F)

False

An attacker impersonating a software beta tester replies to a victim's post in a forum thread discussing the best options for affordable productivity software. A while later, he/she follows up by sending the victim private message mentioning the discussion thread and offering free access to a closed beta version of a fake office app. Which social engineering principles apply to this attack scenario? (Select 3 answers)

Familiarity, Trust and Scarcity

Which of the statements listed below describe the purpose behind collecting OSINT?

Gaining advantage over competitors, Preparation before launching a cyberattack, and Passive reconnaissance in penetration testing

Examples of secure VPN tunneling protocols include: (Select 2 answers)

IPsec and TLS

Which of the following authentication protocols offer(s) countermeasures against replay attacks?

IPsec, Kerbros, CHAP

A type of wireless attack designed to exploit vulnerabilities of WEP is known as:

IV attack

Which of the following allows for checking digital certificate revocation status without contacting Certificate Authority (CA)?

OCSP stapling

Which of the antenna types listed below provide a 360-degree horizontal signal coverage? (Select 2 answers)

Omnidirectional and dipole antenna

Which of the following terms best describes a threat actor type whose sole intent behind breaking into a computer system or network is monetary gain?

Organized Crime

Which of the following answers lists an example of a cryptographic downgrade attack?--> MITM, KPA,POODLE, XSRF

POODLE

A security administrator configured an IDS to receive traffic from a network switch via port mirroring. Which of the following terms can be used to describe the operation mode of the IDS? (Select 2 answers)

Passive, and out-of-band

A fraudulent email requesting its recipient to reveal sensitive information (e.g. username and password) used later by an attacker for the purpose of identity theft is an example of: (Select all that apply)

Phishing and Social Engineering

In penetration testing, the practice of using one compromised system as a platform for further attacks on other systems on the same network is known as:

Pivoting

A software tool used for capturing and examining contents of the network traffic is known as:

Protocol Analyzer

In computer networking, a computer system or an application that acts as an intermediary between another computer and the Internet is commonly referred to as:

Proxy

Which of the terms listed below refer(s) to software/hardware driver manipulation technique(s) that might be used to enable malware injection? (Select all that apply)--> refactoring, sandboxing, fuzz testing, shimming, sideloading,

Refactoring and Shimming

What type of IP address would be assigned to a software-based load balancer to handle an Internet site hosted on several web servers, each with its own private IP address?

Virtual IP address

Which of the tools listed below would be of help in troubleshooting signal loss and low wireless network signal coverage?

WAP power level controls

Which of the terms listed below refers to computer data storage systems, data storage devices, and data storage media that can be written to once, but read from multiple times?

WORM

Which of the following security protocols is the least susceptible to wireless replay attacks?--> WPA2-CCMP, WPA-TKIP, WPA2-PSK, WPA-CCMP, WPA2-TKIP

WPA2-CCMP

A solution that simplifies configuration of new wireless networks by allowing non-technical users to easily configure network security settings and add new devices to an existing network is known as:

WPS

Which of the terms listed below refers to a platform used for watering hole attacks?--> Mail Gateways, Websites, PBX systems, Web browsers

Websites

Which of the following tools would be used to perform a site survey?

Wireless scanner

Which of the tools listed below would be used to detect a rogue AP?

Wireless scanner

A standalone malicious computer program that typically propagates itself over a computer network to adversely affect system resources and network bandwidth is called:

Worm

What describes an attempt to read a variable that stores a null value?

pointer dereference

A device designed to filter and transfer IP packets between dissimilar types of computer networks is called:

router


Related study sets

Davis Advantage Chp 10 Older Adult

View Set

Chapter 10: Documentation and Communication

View Set

Exam 1 Reading questions RelA250

View Set

Med Surg 1 Chapter 31 (Respiratory Disorders)

View Set

Pharmacology - Prep U - Chapter 41

View Set