Docsity
Log inSign up
Docsity
Prepare for your exams
Prepare for your exams

Study with the several resources on Docsity

Earn points to download
Earn points to download

Earn points by helping other students or get them with a premium plan

Guidelines and tips
Guidelines and tips
Sell on Docsity
Sell on Docsity
Log inSign up

Prepare for your exams

Study with the several resources on Docsity

Find documents

Prepare for your exams with the study notes shared by other students like you on Docsity

Search Store documents

The best documents sold by students who completed their studies

Search through all study resources
Docsity AINEW

Summarize your documents, ask them questions, convert them into quizzes and concept maps

Explore questions

Clear up your doubts by reading the answers to questions asked by your fellow students

Earn points to download

Earn points by helping other students or get them with a premium plan

Share documents
download point icon20 Points

For each uploaded document

Answer questions
download point icon5 Points

For each given answer (max 1 per day)

All the ways to get free points
Get points immediately

Choose a premium plan with all the points you need

Study Opportunities

Choose your next study program

Get in touch with the best universities in the world. Search through thousands of universities and official partners

Community

Ask the community

Ask the community for help and clear up your study doubts

University Rankings

Discover the best universities in your country according to Docsity users

Free resources

Our save-the-student-ebooks!

Download our free guides on studying techniques, anxiety management strategies, and thesis advice from Docsity tutors

From our blog

Exams and Study
Go to the blog

CCT.251 Exam 3 Questions and Answers, Exams of Advanced Education

American Public University System (APUS)Advanced Education

CCT.251 Exam 3 Questions and Answers

Typology: Exams

2024/2025

Available from 06/18/2025

Examwow
Examwow 🇺🇸

5

(2)

4.4K documents

1 / 5

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
CCT.251 Exam 3 Questions and Answers
Which type of jailbreaking allows user-level access but does not allow iBoot-level
access? - ANS-userland
You are a passenger in an airport terminal. You glance across the terminal and notice a
man peering over the shoulder over a young woman as she uses her tablet. What do
you think he is doing? - ANS-Shoulder surfing
What is the term for gaining primary kernel access to an Android device? - ANS-Rooting
Which of the following allows an Android user to attain privileged control of the device? -
ANS-SuperOneClick
Jack receives a text message on his phone advising him of a major attack at his bank.
The message includes a link to check his accounts. After he clicks the link, an attacker
takes control of his accounts in the background. Which of the following attacks is Jack
facing? - ANS-Smishing
Which of the following tools is a vulnerability scanner for Android devices? - ANS-X-ray
Which of the following modbus-cli commands is used by attackers to manipulate the
register values in a target PLC device? - ANS-modbus write %MW100 2 2 2 2 2 2 2 2
modbus write 400101 2 2 2 2 2 2 2 2
Which of the following Purdue levels is commonly referred to as an industrial
demilitarized zone (IDMZ)? - ANS-Level 3.5
Which of the following is the most popular shortrange communication technology for IoT
devices? - ANS-Zigbee
In one of the following IoT attacks, attackers intercept legitimate messages from a valid
communication and continuously send the intercepted message to the target device to
perform a denial-of-service attack or crash the target device. Which is this IoT attack? -
ANS-Replay attack
Within IoT architecture, which of the following carries out message routing and
identification? - ANS-Access Gateway layer
Within the Attify Zigbee Framework, which of the following is used to discover target
devices within range? - ANS-zbstumbler
pf3
pf4
pf5

Partial preview of the text

Download CCT.251 Exam 3 Questions and Answers and more Exams Advanced Education in PDF only on Docsity!

CCT.251 Exam 3 Questions and Answers

Which type of jailbreaking allows user-level access but does not allow iBoot-level access? - ANS-userland You are a passenger in an airport terminal. You glance across the terminal and notice a man peering over the shoulder over a young woman as she uses her tablet. What do you think he is doing? - ANS-Shoulder surfing What is the term for gaining primary kernel access to an Android device? - ANS-Rooting Which of the following allows an Android user to attain privileged control of the device? - ANS-SuperOneClick Jack receives a text message on his phone advising him of a major attack at his bank. The message includes a link to check his accounts. After he clicks the link, an attacker takes control of his accounts in the background. Which of the following attacks is Jack facing? - ANS-Smishing Which of the following tools is a vulnerability scanner for Android devices? - ANS-X-ray Which of the following modbus-cli commands is used by attackers to manipulate the register values in a target PLC device? - ANS-modbus write %MW100 2 2 2 2 2 2 2 2 modbus write 400101 2 2 2 2 2 2 2 2 Which of the following Purdue levels is commonly referred to as an industrial demilitarized zone (IDMZ)? - ANS-Level 3. Which of the following is the most popular shortrange communication technology for IoT devices? - ANS-Zigbee In one of the following IoT attacks, attackers intercept legitimate messages from a valid communication and continuously send the intercepted message to the target device to perform a denial-of-service attack or crash the target device. Which is this IoT attack? - ANS-Replay attack Within IoT architecture, which of the following carries out message routing and identification? - ANS-Access Gateway layer Within the Attify Zigbee Framework, which of the following is used to discover target devices within range? - ANS-zbstumbler

Of the tools listed, which is the best choice for quickly discovering IP addresses of IoT devices on your network? - ANS-MultiPing In this attack on VANET, vehicles appear to be in multiple places at once, causing congestion and severely impairing the use of data. Which of the following best describes this attack? - ANS-Sybil Which of the following RFCrack commands is used by an attacker to perform an incremental scan on a target IoT device while launching a rolling-code attack? - ANS- python RFCrack.py -b -v 5000000 Which of the following components of an IoT framework must incorporate strong encryption techniques for secure communications between endpoints and the authentication mechanism for the edge components? - ANS-Gateway When considering the risks of local storage vs. third-party cloud storage, which statement is most accurate? - ANS-When storage is local, you are responsible and accountable for the storage services. Which of the following statements is not true? - ANS-Public cloud is operated over an intranet. Which of the following cloud deployment models is also known as the internal or corporate cloud and is a cloud infrastructure operated by a single organization and implemented within a corporate firewall? - ANS-Private cloud Cloud computing faces many of the same security concerns as traditional network implementations. Which of the following are considered threats to cloud computing? - ANS-All of these Answers:Abuse of servicesData breach or lossInsecure interfacesShared technology issues A company relies on a private cloud solution for most of its internal computing needs. After expanding into more online retailing, it relies on a portion of a public cloud for external sales and ecommerce offerings. Which of the following best describes the cloud deployment type in use? - ANS-Hybrid Which of the following modbus-cli commands is used by attackers to manipulate the register values in a target PLC device? - ANS-modbus write %MW100 2 2 2 2 2 2 2 2 modbus write 400101 2 2 2 2 2 2 2 2 Which of the following Purdue levels is commonly referred to as an industrial demilitarized zone (IDMZ)? - ANS-Level 3. Which of the following is the most popular shortrange communication technology for IoT devices? - ANS-Zigbee

external sales and ecommerce offerings. Which of the following best describes the cloud deployment type in use? - ANS-Hybrid What is war dialing (think about AUX lines on a switch)? - ANS-An adversary dialing to see what modems are open An attacker is using Shodan to search for devices on a target. She types the following as the search string: webcam geo:"-85.97,31.81". Which of the following correctly describes this action? - ANS-The attacker is searching for webcams in the geographic location -31.80, 85.95 (longitudeand latitude). In which of the following attacks does an attacker dump memory by rebooting a victim's device with a malicious OS and then extract sensitive data from the dumped memory? - ANS-OS data caching In one of the following jailbreaking techniques, a user turns their device off and back on, following which the device starts up completely and the kernel is patched without the help of a computer. Which is this jailbreaking technique? - ANS-Untethered jailbreaking Which of the following is not a benefit of virtualization? - ANS-It locks individual hardware to each individual virtual machine. Which of the following statements is true regarding cloud computing? - ANS-Security in the cloud is the responsibility of both the consumer and the provider. A subscriber purchases machine virtualization and hosting through Amazon EC2. Which of the following cloud computing types does this describe? - ANS-IaaS Which cloud deployment model is also known as "single tenant"? - ANS-Private You are a security analyst hired to determine Company X's possible response strategies to various cloud-based threats. You determine that there is a vulnerability to SQL injection as well as kernel-level rootkits. - ANS-Restore from local backup media Which of the following protocols is often used for data compression, digital signing, encryption and decryption of messages, emails, files, and directories as well as to enhance the privacy of email communications? - ANS-PGP What term refers to the statutory obligation of a company to disclose its cryptographic keys to government agencies? - ANS-GAK After TLS had largely replaced SSL for secure communications, many browsers retained backward compatibility to SSL 3.0. Which vulnerability takes advantage of the degradation of service down to SSL 3.0 in the TLS handshake? - ANS-POODLE

Within a PKI system, which of the following is an accurate statement? - ANS-Bill can be sure a message came from Sue by using her public key to decrypt the digital signature. Out of the following, which is one of RSA's registered key strengths? - ANS-1,024 bits Which of the following has no key associated with it? - ANS-MD Which of the following methods should be used to check for the Heartbleed vulnerability? - ANS-Use the ssl-heartbleed script in nmap. Which of the following is a true statement? - ANS-Symmetric encryption does not scale easily and does not provide for nonrepudiation. Which encryption was selected by NIST as the principal method for providing confidentiality after the DES algorithm? - ANS-AES What is the XOR output of 01010101 and 11001100? - ANS-