Cybersecurity Concepts and Vulnerabilities, Exams of Security Analysis

An overview of various cybersecurity concepts, including vulnerabilities, security threats, and attack techniques. It covers topics such as the relationship between security and convenience, the motivations of cyberterrorists, social engineering principles, malware types, network-based attacks, and access control mechanisms. The document aims to educate readers on the fundamental principles of information security and the strategies used by both attackers and defenders to protect against cyber threats. By understanding these concepts, individuals can better assess and mitigate the risks associated with the use of technology in personal and professional settings.

Typology: Exams

2023/2024

Available from 10/09/2024

TUTOR1

COMPTIA SECURITY+ GUIDE TO NETWORK SECURITY FUNDAMENTALS SPRING EXAM Questions with 100% verified Answers Latest Updates 2024 GRADE A+

One of the challenges in combating cyberterrorism is that many of the prime targets are not owned and managed by the federal government. (true/false) - Answer>>True

A vulnerability is a flaw or weakness that allows a threat to bypass security. (true/false) - Answer>>True

The CompTIA Security+ certification is a vendor-neutral credential. (true/false) - Answer>>True

Smart phones give the owner of the device the ability to download security updates. (true/false) - Answer>>False

The Security Administrator reports directly to the CIO. (true/false) - Answer>>False

What is the category of threat actors that sell their knowledge of vulnerabilities to other attackers or governments? - Answer>>Brokers

Adone is attempting to explain to his friend the relationship between security and convenience. Which of the following statements would he use? - Answer>>"Security and convenience are inversely proportional."

Which of the following is an enterprise critical asset? - Answer>>Information

An organization that practices purchasing products from different vendors is demonstrating which security principle? - Answer>>Diversity

Which of the following is NOT true regarding security? - Answer>>Security is a war that must be won at all costs.

What level of security access should a computer user have to do their job? - Answer>>least amount

To date, the single most expensive malicious attack occurred in 2000, which cost an estimated $8.7 billion. What was the name of this attack? - Answer>>Love Bug

Which of the following is a common security framework? (Choose all that apply.) - Answer>>ISO, RFC, COBIT

Select the information protection item that ensures that information is correct and that no unauthorized person or malicious software has altered that data. - Answer>>integrity

In what kind of attack can attackers make use of millions of computers under their control in an attack against a single server or network? - Answer>>distributed

Successful attacks are usually not from software that is poorly designed and has architecture/design weaknesses. (true/false) - Answer>>False

As security is increased, convenience is often increased. (true/false) - Answer>>False

Why do cyberterrorists target power plants, air traffic control centers, and water systems? - Answer>>They can cause significant disruption by destroying only a few targets.

Gunnar is creating a document that explains risk response techniques. Which of the following would he NOT list and explain in his document? - Answer>>Extinguish risk

Which tool is most commonly associated with nation state threat actors? - Answer>>Advanced Persistent Threat (APT)

What information security position reports to the CISO and supervises technicians, administrators, and security staff? - Answer>>security manager

What term best describes any premeditated, politically motivated attack against information, computer systems, computer programs, and data which results in violence against noncombatant targets by subnational groups or clandestine agents? - Answer>>cyberterrorism

Which term below is frequently used to describe the tasks of securing information that is in a digital format? - Answer>>information security

According to the U.S. Bureau of Labor Statistics, what percentage of growth for information security analysts is the available job outlook supposed to reach through 2024? - Answer>>

What specific type of phishing attack uses the telephone to target a victim? - Answer>>vishing

What social engineering principle convinces a victim an immediate action is needed? - Answer>>urgency

What type of undocumented yet benign hidden feature launches after a special set of commands, key combinations, or mouse clicks? - Answer>>Easter egg

Which of the following is not one of the four methods for classifying the various instances of malware by using the primary trait that the malware possesses? - Answer>>Source

One of the armored virus infection techniques utilizes encryption to make virus code more difficult to detect, in addition to separating virus code into different pieces and injecting these pieces throughout the infected program code. What is the name for this technique? - Answer>>Swiss cheese

Two types of malware have the primary trait of circulation. These are viruses and worms. (true/false) - Answer>>True

Social engineering impersonation means to masquerade as a real or fictitious character and then play out the role of that person on a victim. (true/false) - Answer>>True

A virus self-replicates on the host computer and spreads to other computers by itself. (true/false) - Answer>>False

Vishing is a false warning, often contained in an email message claiming to come from the IT department. (true/false) - Answer>>False

Once the malware reaches a system through circulation, then it must embed itself into that system. (true/false) - Answer>>True

A watering hole attack is directed against _____. - Answer>>a smaller group of specific users

Ebba received a message from one of her tech support employees. In violation of company policy, a user had downloaded a free program to receive weather reports, but the program had also installed malware on the computer that gave the threat actor unrestricted access to the computer. What type of malware had been downloaded? - Answer>>RAT

Which of these could NOT be defined as a logic bomb? - Answer>>Send spam email to Moa's inbox on Tuesday.

Which statement regarding a keylogger is NOT true? - Answer>>Software keyloggers are generally easy to detect.

Each of these is a reason why adware is scorned EXCEPT _____. - Answer>>it displays the attacker's programming skills

A virus that infects an executable program file is known as? - Answer>>program virus

What social engineering principle frightens and coerces a victim by using threats? - Answer>>intimidation

What term below is used to describe the process of gathering information for an attack by relying on the weaknesses of individuals? - Answer>>social engineering

What type of system security malware allows for access to a computer, program, or service without authorization? - Answer>>backdoor

What type of software can be installed in an individual's web browser to prevent ads from displaying? - Answer>>ad blocking

Phishing is sending an email or displaying a web announcement that falsely claims to be from a legitimate enterprise in an attempt to trick the user into surrendering private information. (true/false) - Answer>>True

Vishing is a false warning, often contained in an email message claiming to come from the IT department. - Answer>>False

A virus self-replicates on the host computer and spreads to other computers by itself. - Answer>>False

Which of the following is not a primary trait of malware? - Answer>>diffusion

What is the name of the threat actor's computer that gives instructions to an infected computer? - Answer>>Command and control (C&C) server

What is the term used for a threat actor who controls multiple bots in a botnet? - Answer>>bot herder

Which type of attack broadcasts a network request to multiple computers but changes the address from which the request came to the victim's computer? - Answer>>smurf attack

What attack occurs when a domain pointer that links a domain name to a specific web server is changed by a threat actor? - Answer>>domain hijacking

Which of the following are considered to be interception attacks? (Choose all that apply.) - Answer>>man-in-the-middle, replay attacks

Which SQL statement represents a SQL injection attempt to determine the names of different fields in a database? - Answer>>whatever' AND email IS NULL; --

If an attacker purchases and uses a URL that is similar in spelling and looks like a well-known web site in order for the attacker to gain Web traffic to generate income, what type of attack are they using? - Answer>>URL hijacking

The return address is the only element that can be altered in a buffer overflow attack. (true or false) - Answer>>False

The malicious content of an XSS URL is confined to material posted on a website. (true or false) - Answer>>False

A buffer overflow attack occurs when a process attempts to store data in RAM beyond the boundaries of a fixed-length storage buffer. (true or false) - Answer>>True

A DNS amplification attack floods an unsuspecting victim by redirecting valid responses to it. (true or false) - Answer>>True

XSS is like a phishing attack but without needing to trick the user into visiting a malicious website. (true or false) - Answer>>True

What type of attack involves manipulating third-party ad networks? - Answer>>Malvertising

What is a session token? - Answer>>a random string assigned by a web server

What is the basis of an SQL injection attack? - Answer>>to insert SQL statements through unfiltered user input

Newton is concerned that attackers could be exploiting a vulnerability in software to gain access to resources that the user normally would be restricted from accessing. What type of attack is he worried about? - Answer>>Privilege escalation

Which of the following adds new functionality to the web browser so that users can play music, view videos, or display special graphical images within the browser? - Answer>>Plug-ins

The management in your corporate office needs to group users on the network together logically even though they are attached to separate network switches. How can this be done? - Answer>>Create a VLAN and add the users' computers / ports to the correct VLAN

What specific type of hardware card inserts into a web server that contains one or more co-processors to handle SSL/TLS processing? - Answer>>SSL/TLS accelerator

Which of the following is a system of security tools that are used to recognize and identify data that is critical to the organization and ensure that it is protected? - Answer>>data loss prevention

What data unit is associated with the Open Systems Interconnection layer two? - Answer>>frame

When VPN network traffic is routing only some traffic over the secure VPN while other traffic directly accesses the Internet, what technology is being used? - Answer>>split tunneling

One use of data loss prevention (DLP) is blocking the copying of files to a USB flash drive. (true or false) - Answer>>True

NAT is not a specific device, technology, or protocol. It is a technique for substituting IP addresses. (true or false) - Answer>>True

Workgroup switches must work faster than core switches. (true or false) - Answer>>False

Behavior-based monitoring attempts to overcome the limitations of both anomaly-based monitoring and signature-based monitoring by being more adaptive and proactive instead of reactive. (true or false) - Answer>>True

A security advantage of VLANs is that they can be used to prevent direct communication between servers. (true or false) - Answer>>True

Isabella is a security support manager for a large enterprise. In a recent meeting, she was asked which of the standard networking devices already present on the network could be configured to supplement the specific network security hardware devices that were recently purchased. Which of these standard networking devices would Isabella recommend? - Answer>>router

Raul was asked to configure the VPN to preserve bandwidth. Which configuration would he choose? - Answer>>Split tunnel

How does network address translation (NAT) improve security? - Answer>>It discards unsolicited packets.

Which statement regarding a demilitarized zone (DMZ) is NOT true? - Answer>>It contains servers that are used only by internal network users.

Which of the following is a multipurpose security device? - Answer>>Unified Threat Management (UTM)

What device operates at the Network Layer (layer 3) of the OSI model and forwards packets across computer networks? - Answer>>router

What plane is used to allow SDN to virtualize parts of the physical network so that it can be more quickly and easily reconfigured? - Answer>>data plane

Which of the following protocols is used to manage network equipment and is supported by most network equipment manufacturers? - Answer>>SNMP

Which technology is a means of managing and presenting computer resources by function without regard to their physical layout or location? - Answer>>virtualization

When using SNMPv1 or SNMPv2, what piece of information is needed to view information from an agent? - Answer>>community string

S/MIME can be used when mail is accessed through a web browser. (true or false) - Answer>>False

Trivial File Transfer Protocol (TFTP) uses more memory when compared to FTP. (true or false) - Answer>>False

File integrity check (FIC) is a service that can monitor any changes made to computer files, such as operating system files. (true or false) - Answer>>True

Type I hypervisors run on the host operating system. (true or false) - Answer>>False

A correlation engine aggregates and correlates content from different sources to uncover an attack. (true or false) - Answer>>True

Which type of device log contains the most beneficial security data? - Answer>>firewall log

Which of these is the most secure protocol for transferring files? - Answer>>SFTP

Which of the following TCP/IP protocols do not relate to security? - Answer>>IP

Which Domain Name System (DNS) attack replaces a fraudulent IP address for a symbolic name? - Answer>>DNS poisoning

Which version of Simple Network Management Protocol (SNMP) is considered the most secure? - Answer>>SNMPv

A Bluetooth attack in which the attacker accesses unauthorized information from a wireless device using a Bluetooth connection, is known as which of the following terms? - Answer>>Bluesnarfing

What device acts like a wireless base station in a network, acting as a bridge between wireless and wired networks? - Answer>>access Point

An access point that is unauthorized and allows an attacker to bypass network security configurations is considered to be what type of access point? - Answer>>rogue

Which of the following self-contained APs are autonomous, or independent, because they are separate from other network devices and even other autonomous APs? - Answer>>fat APs

Slave devices that are connected to a piconet and are sending transmissions are known as what? - Answer>>active slave

Near field communication (NFC) is a set of standards used to establish communication between devices in very close proximity. (true or false) - Answer>>True

In a bluesnooping attack, the attacker copies emails, calendars, contact lists, cell phone pictures, or videos by connecting to the Bluetooth device without the owner's knowledge or permission. (true or false) - Answer>>False

The current Bluetooth version is Bluetooth 6. (true or false) - Answer>>False

In ad hoc mode, devices can only communicate between themselves and cannot connect to another network. (true or false) - Answer>>True

For IEEE WLANs, the maximum transmit power is 200 milliwatts (mW). (true or false) - Answer>>True

The primary design of a(n) _____ is to capture the transmissions from legitimate users. - Answer>>evil twin

WPA replaces WEP with _____. - Answer>>Temporal Key Integrity Protocol (TKIP)

Minh has been asked to recommend an EAP for a system that uses both passwords and tokens with TLS. Which should she recommend? - Answer>>EAP-FAST

What is a difference between NFC and RFID? - Answer>>RFID is designed for paper-based tags while NFC is not.

Which of these is a vulnerability of MAC address filtering? - Answer>>MAC addresses are initially exchanged unencrypted.

Anti-virus products typically utilize what type of virus scanning analysis? - Answer>>Static analysis

What type of tools are involved in effective patch management? - Answer>>patch reception, patch distribution

What type of OS in firmware is designed to manage a specific device like a video game console? - Answer>>appliance OS

The BIOS was software that was integrated into the computer's motherboard. (True or False) - Answer>>False

In the production stage the application is released to be used in its actual setting. (True or False) - Answer>>True

Which of the following can be used to secure a laptop or mobile device? - Answer>>Cable lock

Which of the following is NOT a typical OS security configuration? - Answer>>Restricting patch management

Which stage is a "quality assurance" test that verifies the code functions as intended? - Answer>>Staging stage

Which option allows a mobile device to be configured so that the device automatically unlocks and stays unlocked until a specific action occurs? - Answer>>context-aware authentication

Which enterprise deployment model requires employees to choose from a selection of company owned and approved devices? - Answer>>COPE

MDM tools cannot provide the ability to detect and restrict jailbroken and rooted devices. (True or False) - Answer>>False

Mobile devices using location services are at increased risk of targeted physical attacks. (True or False) - Answer>>True

What enforces the location in which an app can function by tracking the location of the mobile device? - Answer>>geofencing

Which of these is considered the strongest type of passcode to use on a mobile device? - Answer>>password

Gaetan has attempted to enter the passcode for his mobile device but keeps entering the wrong code. Now he is asked to enter a special phrase to continue. Which configuration setting is enabled on Gaetan's mobile device? - Answer>>reset to factory settings

An independently rotating large cup affixed to the top of a fence prevents the hands of intruders from gripping the top of a fence to climb over it. What is the name for this technology? - Answer>>roller barrier

What is the name for a cumulative package of all patches and hot-fixes as well as additional features up to a given point? - Answer>>service pack

Which of the following are application development stages? - Answer>>staging, testing

Static program analyzers are tools that examine the software without actually executing the program; instead, the source code is reviewed and analyzed. (True or False) - Answer>>True

An access log is a record or list of individuals who have permission to enter a secure area, along with the time they entered and the time they left the area. (True or False) - Answer>>True

How can an SDIO card be made secure? - Answer>>Using the security mechanisms on a standard Wi-Fi network.

Which of these is a list of approved email senders? - Answer>>Whitelist

Which type of residential lock is most often used for keeping out intruders? - Answer>>Keyed entry lock

What type of software is specifically designed for a SoC in an embedded system? - Answer>>RTOS

Which of the following systems is located in a satellite and regenerates a signal that is sent back to earth at another frequency? - Answer>>repeater

Virtual machines store sensitive applications and data on a remote server that is accessed through a smartphone. (True or False) - Answer>>False

As a class, tablets are devices that closely resemble standard desktop computers. (True or False) - Answer>>False

Paavo was reviewing a request by an executive for a new subnotebook computer. The executive said that he wanted USB OTG support and asked Paavo's opinion regarding its security. What would Paavo tell him about USB OTG security? - Answer>>Connecting a mobile device as a peripheral to an infected computer could allow malware to be sent to that device.

In her job interview, Xiu asks about the company policy regarding smartphones. She is told that employees may choose from a limited list of approved devices but that she must pay for the device herself; however, the company will provide her with a monthly stipend. Which type of enterprise deployment model does this company support? - Answer>>CYOD

What specific type of authentication can be based on where the user is located? - Answer>>geolocation

What federated identity management (FIM) relies on token credentials? - Answer>>OAuth

Which of the following options prevents a logon after a set number of failed logon attempts within a specified period and can also specify the length of time that the lockout is in force? - Answer>>password lockout

The use of a single authentication credential that is shared across multiple networks is called: - Answer>>identity management

Which term below describes the time it takes for a key to be pressed and then released? - Answer>>dwell time

Most password attacks today are an offline attack. (True or False) - Answer>>True

Hash algorithms like MD5 and SHA are considered secure for creating digests because these hashing algorithms are designed to create a digest as strong as possible. (True or False) - Answer>>False

A hardware security token is typically a small device with a window display. - Answer>>True

Brute force attacks can be very slow because every character combination must be generated. (True or False) - Answer>>True

Keystroke dynamics uses two unique typing variables. (True or False) - Answer>>True

Which of these is NOT a reason why users create weak passwords? - Answer>>Most sites force users to create weak passwords even though they do not want to.

Which type of password attack is a more targeted brute force attack that uses placeholders for characters in certain positions of the password? - Answer>>Mask attack

A TOTP token code is generally valid for what period of time? - Answer>>For as long as it appears on the device

What is a token system that requires the user to enter the code along with a PIN called? - Answer>>Multifactor authentication system

Ilya has been asked to recommend a federation system technology that is an open source federation framework that can support the development of authorization protocols. Which of these technologies would he recommend? - Answer>>OAuth

Which of the following is a category of group password settings in Microsoft Windows? - Answer>>Account Lockout Policy, Password Policy Settings

What variation of a dictionary attack involves a dictionary attack combined with a brute force attack, and will slightly alter dictionary words by adding numbers to the end of the password, spelling words backward, slightly misspelling words, or including special characters? - Answer>>hybrid

What federated identity management (FIM) relies on token credentials? - Answer>>OAuth

A TOTP changes after a set period. (True or False) - Answer>>True

A hardware security token is typically a small device with a window display. (True or False) - Answer>>True

Voice recognition is identical to speech recognition. (True or False) - Answer>>False

Most password attacks today are an offline attack. (True or False) - Answer>>True

Hash algorithms like MD5 and SHA are considered secure for creating digests because these hashing algorithms are designed to create a digest as strong as possible. (True or False) - Answer>>False

Which authentication factor is based on a unique talent that a user possesses? - Answer>>What you do

_____ biometrics is related to the perception, thought processes, and understanding of the user. - Answer>>Cognitive

Timur was making a presentation regarding how attackers break passwords. His presentation demonstrated the attack technique that is the slowest yet most thorough attack that is used against passwords. Which of these password attacks did he demonstrate? - Answer>>Brute force attack

Which human characteristic is NOT used for biometric identification? - Answer>>Height

Which major types of access involving system resources are controlled by ACLs? - Answer>>system access, user access, application access

When using Role Based Access Control (RBAC), permissions are assigned to which of the following? - Answer>>Roles

What framework is used for transporting authentication protocols instead of the authentication protocol itself? - Answer>>EAP

Which of the following is a database stored on the network itself that contains information about users and network devices? - Answer>>directory service

What is an entry in an ACL known as? - Answer>>ACE

Permission auditing and review is intended to examine the permissions that a user has been given to determine if each is still necessary. (True or False) - Answer>>True

Authentication, authorization, and accounting are sometimes called AAA. (True or False) - Answer>>True

Employee onboarding refers to the tasks associated with hiring a new employee. (True or False) - Answer>>True

A Local Group Policy (LGP) has more options than a Group Policy. (True or False) - Answer>>False

Attribute-Based Access Control (ABAC) grants permissions by matching object labels with subject labels based on their respective levels. (True or False) - Answer>>False

With the development of IEEE 802.1x port security, what type of authentication server has seen even greater usage? - Answer>>RADIUS

How is the Security Assertion Markup Language (SAML) used? - Answer>>It allows secure web domains to exchange user authentication and authorization data.

Which Microsoft Windows feature provides group-based access control for centralized management and configuration of computers and remote users who are using Active Directory? - Answer>>Group Policy

Which statement about Rule-Based Access Control is true? - Answer>>It dynamically assigns roles to subjects based on rules.

Which of the following involves rights given to access specific resources? - Answer>>Access

The action that is taken by a subject over an object is called a(n): - Answer>>operation

When LDAP traffic is made secure by using Secure Sockets Layer (SSL) or Transport Layer Security (TLS), what is this process called? - Answer>>LDAPS

What is the name for a predefined framework that can be used for controlling access, and is embedded into software and hardware? - Answer>>access control model

What kind of attack allows for the construction of LDAP statements based on user input statements, which can then be used to access the LDAP database or modify the database's information? - Answer>>LDAP injection

ACLs provide file system security for protecting files managed by the user. (True or False) - Answer>>False

Least privilege in access control means that only the minimum amount of privileges necessary to perform a job or function should be allocated. (True or False) - Answer>>True

Authorization is granting permission for admittance. (True or False) - Answer>>True

Which can be used to establish geographical boundaries where a mobile device can and cannot be used? - Answer>>Location-based policies

What is the least restrictive access control model? - Answer>>DAC

What is the version of the X.500 standard that runs on a personal computer over TCP/IP? - Answer>>LDAP

Which of the following would NOT be considered as part of a clean desk policy? - Answer>>Do not share passwords with other employees.

Which of the following is the Microsoft version of EAP? - Answer>>MS-CHAP