



CompTIA Certmaster CE Security+ Domain 2.0 Threats
Typology: Exams




During a cybersecurity attack, how would a threat actor use image files as a lure to target a vulnerability in a browser or document editing software? - ANSWER - A. The threat actor conceals exploit code within an image file that targets a vulnerability in the browser or document editing software.

A large corporation is assessing its cybersecurity practices by focusing on potential security risks linked to hardware and firmware within the company's extensive network of computer systems. For the IT department, which of the following strategies MOST effectively mitigates the risks related to hardware and firmware security vulnerabilities? - ANSWER - B. Regularly update firmware to the latest, most secure versions.

The server manager of a tech company observes a significant increase in server resource consumption, which is not proportional to the workload on the server. Which of the following is the MOST plausible cause for these observations? - ANSWER - A. Radio-frequency ID cloning (incorrect) C. Malware infection (incorrect)

A cyber technician works on a corporate laptop where an employee complains the software is outdated. What type of vulnerability describes the continued use of outdated software methods, technology, computer systems, or application programs despite known shortcomings? - ANSWER - A. Legacy

The security team in a financial organization identified a zero-day vulnerability that enables cross-site scripting (XSS) attacks on its internal web portal. The chief information security officer (CISO) instructs the team to take immediate action. Which action most effectively minimizes the threat from the zero-day vulnerability and the potential XSS attacks? - ANSWER - A. Implement a web application firewall (WAF).

An IT security specialist at a mid-size corporation observes a trend of unauthorized apps appearing on company-provided mobile devices. The specialist suspects the employees are either sideloading apps or have jailbroken their devices. What steps should the security specialist take to verify the cause of the unauthorized applications and to re-establish proper security protocols? (Select the two best options.) - ANSWER - B. Implement mobile device management (MDM) policies to restrict unauthorized application installation. C. Conduct device audits to identify and detect unauthorized applications and signs of jailbreaking or sideloading.

Which of the following is an example of a watering hole attack? - ANSWER - C. Compromising a site often visited by a target group to breach their devices.

A systems administrator notices that several user accounts are frequently getting locked out. Simultaneously, during these lockout instances, the system did not record any logs. Which of the following is the MOST likely explanation for the lack of logs during these events? - ANSWER - C. Log tampering or deletion

A system administrator is upgrading a company's network security infrastructure and notices several legacy machines running end-of-life operating systems (OS). These machines are no longer upgradeable as the developer has stopped issuing security patches and updates. However, the machines are still necessary for certain critical tasks. What is the system administrator's MOST effective course of action to reduce potential security vulnerabilities caused by these legacy machines running end-of-life operating systems? - ANSWER - C. Isolate the legacy machines on a separate network segment.

In a recent incident, a hacker group infiltrated a global financial institution's systems and stole the credit card information of millions of customers. The valuable information was soon available on the dark web. Based on the scenario, what is the MOST likely motivation of the hacker group? - ANSWER - B. Financial gain

A major online retailer experiences a sudden halt in its services during the peak holiday shopping season. It traces the cause back to an orchestrated distributed denial of service (DDoS) attack, which overwhelmed the retailer's servers with traffic, making it impossible for legitimate users to access the site. This attack BEST aligns with which type of threat motivation? - ANSWER - B. Service disruption

A multinational corporation recently fell victim to a series of cyberattacks, disrupting services and leading to significant financial losses. After an investigation, the corporation found that these attacks were part of a systematic campaign to undermine the corporation's market position. The highly sophisticated attacks suggest the involvement of a well-resourced entity with specific strategic objectives. Which of the following motivations BEST describes this scenario? - ANSWER - A. Political

What social engineering attack relies on targeting individuals who frequent an unsecured third-party website to compromise their computers and gain access to a specific organization's systems?
behavior? - ANSWER - B. Network congestion (incorrect) C. Blocked content D. Server downtime (incorrect)

The cybersecurity team at a large company has recently uncovered evidence of a successful malicious cryptographic attack on their data servers facilitated by a misconfiguration in the cryptographic systems. What is the MOST appropriate initial response that the team should employ to address this critical security issue? - ANSWER - B. Correct the misconfiguration, implementing secure cryptographic controls.

What technique does the threat actor use in a Bluetooth network attack to transmit malicious files to a user's device? - ANSWER - D. Exploiting vulnerabilities or misconfigurations in the Bluetooth protocol

A prominent multinational corporation has experienced an unexpected spike in unauthorized network traffic aimed at its web servers. Upon investigation, the corporation discovered that the goal of this traffic was to disrupt its online services rather than gain unauthorized access or steal data. The attack started shortly after the corporation made a controversial policy decision that sparked a public backlash. Which type of attacker is MOST likely responsible? - ANSWER - D. Hacktivist

An organization's system alerting tool detects a series of unsuccessful attempts by someone trying to gain unauthorized access to its servers. These attempts lack sophistication and appear to be using publicly available hacking tools. Which type of threat actor is MOST likely responsible for these attempts? - ANSWER - A. Unskilled attacker

A software engineer trains new employees on the impacts of hardware and software vulnerabilities. The trainees must analyze and identify the vulnerability in their training session. During the session, the trainees experience a vulnerability where an attacker with access to a virtual machine (VM) breaks out of this isolated environment and gains access to the host system or other VMs running on the same host. What type of vulnerability did the trainees experience in this situation? - ANSWER - C. Virtualization

A company's cybersecurity team evaluates threats that could exploit vulnerabilities in its physical infrastructure. The team is specifically considering threats that can directly harm the company's systems and potentially damage data or services. What type of threat does this scenario BEST describe? - ANSWER - D. Network attacks

A cybersecurity analyst for a large organization permits employees to use Instant Messaging (IM) services on their devices. Despite using encryption, the analyst's concern is the potential software vulnerabilities and difficulty scanning messages and attachments for threats. Which actions should the cybersecurity analyst use to address this concern? - ANSWER - A. Regularly update and patch the Instant Messaging apps to address any known software vulnerabilities.

A software technician presents a forum on sideloading and jailbreaking to a group of new mobile users. Which of the following points will the technician include in their discussion of the use of jailbreaking? (Select the two best options.)
elevated privileges and access to system files on mobile devices. B. It allows users to install unauthorized applications and customize device appearance and behavior.

An organization observes several computer systems in a secured area showing signs of damage, having various cables disconnected, or hardware component tampering. Which type of attack is likely responsible for these issues? - ANSWER - C. Physical attacks

A threat actor exploits the vulnerabilities or misconfigurations in a device's wireless networking protocol to transmit a malicious file to a user's device. This scenario is an example of what type of networking vector? - ANSWER - A. Bluetooth Network

In a rapidly evolving IT environment, a cloud service provider offers various services to businesses, enabling them to store and process data securely. To enhance security, the provider regularly updates its systems and software. Despite these efforts, a security researcher discovers a previously unknown vulnerability in one of the cloud-specific applications, leaving customer data exposed to potential threats. In this scenario, which vulnerability is the security researcher likely to have found in the cloud-specific application? - ANSWER - A. SQL injection vulnerability (incorrect)

A system administrator at a software company is reviewing the company's security procedures. The company uses various cryptographic techniques for data security and is currently concerned about potential misconfigurations that could compromise data integrity and confidentiality. The system administrator aims to mitigate the risk of misconfigurations in the company's cryptographic settings that could lead to potential security vulnerabilities. Which of the following actions should the system administrator prioritize to ensure the cryptographic systems are well-configured and avoid possible security gaps? (Select the two best options.) - ANSWER - C. Regularly update and patch cryptographic software. D. Conduct periodic penetration testing.

An organization's IT security team has discovered that a recent software update, unknowingly deployed, contained a zero-day exploit. This vulnerability has now made the company's systems susceptible to potential unauthorized access. Which of the following immediate actions should the security team execute to manage this zero-day exploit situation? - ANSWER - B. Isolate the impacted systems and apply a patch or remediation strategy.

A security analyst is investigating a security breach in a network system that involves unauthorized access to user credentials and reusing them multiple times. What is the MOST likely type of attack that has occurred? - ANSWER - D. Credential replay

A web designer at a cybersecurity corporation receives an email from what appears to be a trusted colleague within the company. The email requests sensitive financial information to complete an urgent transaction and looks legitimate, displaying the colleague's name, company logo, and formatting. What type of sophisticated phishing attack occurs in this scenario? - ANSWER - D. Business email compromise