Security+ SY0-601 Domain 1: Attacks, Threats, and Vulnerabilities


Dynamic Trunking Protocol

Should be disabled on the switch's end user (access) ports before implementing the switch configuration into the network.

Spamming

Which type of malicious activity can be described as numerous unwanted and unsolicited email messages sent to a wide range of victims?

Dictionary attack

Which type of password attack employs a list of pre-defined passwords that it tries against a login prompt?

Backdoor

While developing a network application, a programmer adds functionality that allows her to access the running program without authentication so she can capture debugging data. The programmer forgets to remove this functionality prior to finalizing the code and shipping the application. Which type of security weakness does this describe?

Dumpster diving

You are cleaning your desk at work. You toss several stacks of paper in the trash, including a sticky note with your password written on it. Which of the following types of non-technical password attacks have you enabled?

False positive

You have configured an NIDS to monitor network traffic. Which of the following describes harmless traffic that has been identified as a potential attack by the NIDS device?

Tarpit

You have implemented a new application control solution. After monitoring traffic and use for a while, you have noticed an application that continuously circumvents blocking. How should you configure the application control software to handle this application?

Schedule regular full-system scans. Educate users about malware.

You have installed antivirus software on the computers on your network. You update the definition and engine files and configure the software to update those files every day. What else should you do to protect your systems from malware?

Web applications

SQL injections are a result of which of the following flaws?

Which of the following BEST describes phishing?

A fraudulent email that claims to be from a trusted organization.

Which of the following best describes a script kiddie?

A hacker who uses scripts written by much more talented individuals

Privilege escalation

A relatively new employee in the data entry cubicle farm was assigned a user account similar to the other data entry employees' accounts. However, audit logs have shown that this user account has been used to change ACLs on several confidential files and has accessed data in restricted areas. This situation indicates which of the following has occurred?

Whaling

An attack that targets senior executives and high-profile victims is referred to as what?

Relay

An attacker has intercepted near-field communication (NFC) data and is using that information to masquerade as the original device. Which type of attack is being executed?

Spam

An attacker sends an unwanted and unsolicited email message to multiple recipients with an attachment that contains malware. Which kind of attack has occurred in this scenario?

Backdoor

An attacker was able to gain unauthorized access to a mobile phone and install a Trojan horse so that he or she could bypass security controls and reconnect later. Which type of attack is this an example of?

Shoulder surfing

Brandon is helping Fred with his computer. He needs Fred to enter his username and password into the system. Fred enters the username and password while Brandon is watching him. Brandon explains to Fred that it is not a good idea to allow anyone to watch you type in usernames or passwords. Which type of social engineering attack is Fred referring to?

In 2011, Sony was targeted by an SQL injection attack that compromised over one million emails, usernames, and passwords. Which of the following could have prevented the attack?

Careful configuration and penetration testing on the front end

Social engineering

Carl received a phone call from a woman who states that she is calling from his bank. She tells him that someone has tried to access his checking account, and she needs him to confirm his account number and password to discuss further details. He gives her his account number and password. Which of the following types of non-technical password attack has occurred?

MAC flooding

Causes packets to fill up the forwarding table and consumes so much of the switch's memory that it enters a state called Fail Open Mode.

Which of the following BEST describes a cyber terrorist?

Disrupts network-dependent institutions

OSINT (Open-source intelligence)

Gathering as much personally identifiable information (PII) on a target as possible is a goal of which reconnaissance method?

Threat feeds

In your role as a security analyst, you need to stay up to date on the latest threats. You are currently reviewing the latest real-time updates on cyberthreats from across the world. Which of the following resources are you MOST likely using?

Which of the following best describes spyware?

It monitors the actions you take on your machine and sends the information back to its originating source

You have run a vulnerability scanning tool and identified several patches that need to be applied to a system. What should you do next after applying the patches?

Run the vulnerability assessment again.

Availability loss

Sometimes, an attacker's goal is to prevent access to a system rather than to gain access. This form of attack is often called a denial-of-service attack and causes which impact?

ARP spoofing/poisoning

The source device sends frames to the attacker's MAC address instead of to the correct device.

SOAR (Security Orchestration, Automation, and Response)

Which of the following systems is able to respond to low-level security events without human assistance?

Phishing

Users in your organization receive email messages informing them that suspicious activity has been detected on their bank accounts. They are directed to click a link in the email to verify their online banking username and password. The URL in the link is in the .ru top-level DNS domain. Which kind of attack has occurred?

Remote Access Trojan (RAT)

Which kind of malware provides an attacker with administrative control over a target computer through a backdoor?

Filters messages containing specific content. Blocks email from specific senders.

Which of the following are functions of gateway email spam filters?

Buffer overflow attack

Which of the following attacks is a form of software exploitation that transmits or submits a longer stream of data than the input variable is designed to handle?

Viewing calendar, emails, and messages on a mobile device without authorization

Which of the following best describes Bluesnarfing?

Trojan horse

Which of the following is a program that appears to be a legitimate application, utility, game, or screensaver, but performs malicious activities surreptitiously?

Password authentication

Which of the following is most vulnerable to a brute-force attack?

ARP poisoning

Which of the following is the term used to describe what happens when an attacker sends falsified messages to link their MAC address with the IP address of a legitimate computer or server on a network?

Bluejacking

Which of the following sends unsolicited business cards and messages to a Bluetooth device?

Reconnaissance

Which phase or step of a security assessment is a passive activity?

Vulnerability scanner

You want to be able to identify the services running on a set of servers on your network

