Security+ SY0-601 Domain 1: Attacks, Threats, and Vulnerabilities
Dynamic Trunking Protocol
Should be disabled on the switch's end user (access) ports before implementing the switch configuration into the network.
Spamming
Which type of malicious activity can be described as numerous unwanted and unsolicited email messages sent to a wide range of victims?
Dictionary attack
Which type of password attack employs a list of pre-defined passwords that it tries against a login prompt?
Backdoor
While developing a network application, a programmer adds functionally that allows her to access the running program without authentication so she can capture debugging data. The programmer forgets to remove this functionality prior to finalizing the code and shipping the application. Which type of security weakness does this describe?
Dumpster diving
You are cleaning your desk at work. You toss several stacks of paper in the trash, including a sticky note with your password written on it. Which of the following types of non-technical password attacks have you enabled?
False positive
You have configured an NIDS to monitor network traffic. Which of the following describes harmless traffic that has been identified as a potential attack by the NIDS device?
Tarpit
You have implemented a new application control solution. After monitoring traffic and use for a while, you have noticed an application that continuously circumvents blocking. How should you configure the application control software to handle this application?
Schedule regular full-system scans. Educate users about malware.
You have installed antivirus software on the computers on your network. You update the definition and engine files and configure the software to update those files every day. What else should you do to protect your systems from malware?
Web applications
SQL injections are a result of which of the following flaws?
Which of the following BEST describes phishing?
A fraudulent email that claims to be from a trusted organization.
Which of the following best describes a script kiddie?
A hacker who uses scripts written by much more talented individuals
Privilege escalation
A relatively new employee in the data entry cubical farm was assigned a user account similar to the other data entry employees' accounts. However, audit logs have shown that this user account has been used to change ACLs on several confidential files and has accessed data in restricted areas. This situation indicates which of the following has occurred?
Whaling
An attack that targets senior executives and high-profile victims is referred to as what?
Relay
An attacker has intercepted near-field communication (NFC) data and is using that information to masquerade as the original device. Which type of attack is being executed?
Spam
An attacker sends an unwanted and unsolicited email message to multiple recipients with an attachment that contains malware. Which kind of attack has occurred in this scenario?
Backdoor
An attacker was able to gain unauthorized access to a mobile phone and install a Trojan horse so that he or she could bypass security controls and reconnect later. Which type of attack is this an example of?
Shoulder surfing
Brandon is helping Fred with his computer. He needs Fred to enter his username and password into the system. Fred enters the username and password while Brandon is watching him. Brandon explains to Fred that it is not a good idea to allow anyone to watch you type in usernames or passwords. Which type of social engineering attack is Fred referring to?
In 2011, Sony was targeted by an SQL injection attack that compromised over one million emails, usernames, and passwords. Which of the following could have prevented the attack?
Careful configuration and penetration testing on the front end
Social engineering
Carl received a phone call from a woman who states that she is calling from his bank. She tells him that someone has tried to access his checking account, and she needs him to confirm his account number and password to discuss further details. He gives her his account number and password. Which of the following types of non-technical password attack has occurred?
MAC flooding
Causes packets to fill up the forwarding table and consumes so much of the switch's memory that it enters a state called Fail Open Mode.
Which of the following BEST describes a cyber terrorist?
Disrupts network-dependent institutions
OSINT (Open-source intelligence)
Gathering as much personally identifiable information (PII) on a target as possible is a goal of which reconnaissance method?
Threat feeds
In your role as a security analyst, you need to stay up to date on the latest threats. You are currently reviewing the latest real-time updates on cyberthreats from across the world. Which of the following resources are you MOST likely using?
Which of the following best describes spyware?
It monitors the actions you take on your machine and sends the information back to its originating source
You have run a vulnerability scanning tool and identified several patches that need to be applied to a system. What should you do next after applying the patches?
Run the vulnerability assessment again.
Availability loss
Sometimes, an attacker's goal is to prevent access to a system rather than to gain access. This form of attack is often called a denial-of-service attack and causes which impact?
ARP spoofing/poisoning
The source device sends frames to the attacker's MAC address instead of to the correct device.
SOAR (Security Orchestration, Automation, and Response)
Which of the following systems is able to respond to low-level security events without human assistance
Phishing
Users in your organization receive email messages informing them that suspicious activity has been detected on their bank accounts. They are directed to click a link in the email to verify their online banking username and password. The URL in the link is in the .ru top-level DNS domain. Which kind of attack has occurred?
Remote Access Trojan (RAT)
Which kind of malware provides an attacker with administrative control over a target computer through a backdoor?
Filters messages containing specific content Blocks email from specific senders
Which of the following are functions of gateway email spam filters?
Buffer overflow attack
Which of the following attacks is a form of software exploitation that transmits or submits a longer stream of data than the input variable is designed to handle?
Viewing calendar, emails, and messages on a mobile device without authorization
Which of the following best describes Bluesnarfing?
Trojan horse
Which of the following is a program that appears to be a legitimate application, utility, game, or screensaver, but performs malicious activities surreptitiously?
Password authentication
Which of the following is most vulnerable to a brute-force attack?
ARP poisoning
Which of the following is the term used to describe what happens when an attacker sends falsified messages to link their MAC address with the IP address of a legitimate computer or server on a network?
Bluejacking
Which of the following sends unsolicited business cards and messages to a Bluetooth device?
Reconnaissance
Which phase or step of a security assessment is a passive activity?
Vulnerability scanner
You want to be able to identify the services running on a set of servers on your network