Security+? Practice Tests
上QQ阅读APP看书,第一时间看更新

1. Threats, Attacks, and Vulnerabilities

Domain 1 Questions

  1. After conducting a vulnerability scan of her network, Wendy discovered the issue shown here on several servers. What is the most significant direct impact of this vulnerability?

    Figure 1.1

    A. Attackers may eavesdrop on network communications.

    B. Attackers may use this information to gain administrative privileges.

    C. Encryption will not protect credentials for this account.

    D. Automated attacks are more likely to succeed.

  2. Pete is investigating a domain hijacking attack against his company that successfully redirected web traffic to a third-party website. Which one of the following techniques is the most effective way to carry out a domain hijacking attack?

    A. ARP poisoning

    B. Network eavesdropping

    C. DNS poisoning

    D. Social engineering

  3. Which one of the following characters is the most important to restrict when performing input validation to protect against XSS attacks?

    A. <

    B. !

    C. $

    D. '

  4. Darren is investigating an attack that took place on his network. When he visits the victim's machine and types www.mybank.com into the address bar, he is directed to a phishing site designed to look like a legitimate banking site. He then tries entering the IP address of the bank directly into the address bar and the legitimate site loads. What type of attack is likely taking place?

    A. IP spoofing

    B. DNS poisoning

    C. ARP spoofing

    D. Typosquatting

  5. Which one of the following technologies must be enabled on a wireless network for a Pixie Dust attack to succeed?

    A. SSID broadcasting

    B. WPS

    C. WPA

    D. WEP

  6. During forensic analysis, Drew discovered that an attacker intercepted traffic headed to networked printers by modifying the printer drivers. His analysis revealed that the attacker modified the code of the driver to transmit copies of printed documents to a secure repository. What type of attack took place?

    A. Refactoring

    B. Shimming

    C. Swapping

    D. Recoding

  7. What type of scan can best help identify cases of system sprawl in an organization?

    A. Database scan

    B. Web application scan

    C. Detailed scan

    D. Discovery scan

  8. Scott is reviewing a list of cryptographic cipher suites supported by his organization's website. Which one of the following algorithms is not secure and may expose traffic to eavesdropping attacks?

    A. ECC

    B. 3DES

    C. AES

    D. DES

  9. Brenda is selecting the tools that she will use in a penetration test and would like to begin with passive techniques. Which one of the following is not normally considered a passive reconnaissance technique?

    A. Social engineering

    B. Wireless network eavesdropping

    C. Open source intelligence

    D. Domain name searches

  10. Scott is a security administrator for a federal government agency. He recently learned of a website that advertises jobs for former government employees. When he accessed the site, the site launched code in his browser that attempted to install malicious software on his system. What type of attack took place?

    A. Denial of service

    B. Watering hole

    C. Spyware

    D. Trojan horse

  11. Paul received an email warning him that a new virus is circulating on the internet and that he needs to apply a patch to correct the problem. The message is branded with a Microsoft header. The virus message is actually a hoax and the patch contains malicious code. What principle of social engineering best describes what the attacker is trying to exploit by including the Microsoft header?

    A. Consensus

    B. Scarcity

    C. Trust

    D. Intimidation

  12. Kristen conducts a vulnerability scan against her organization's network and discovers a file server with the vulnerability shown here. Which one of the following actions is the best way to remediate this vulnerability?

    Figure 1.2

    A. Discontinue the file transfer service

    B. Require strong passwords

    C. Switch to SFTP

    D. Require multifactor authentication

  13. Frank is the new CISO at a mid-sized business. Upon entering his role, he learns that the organization has not conducted any security training for their sales team. Which one of the following attacks is most likely to be enabled by this control gap?

    A. Buffer overflow

    B. Social engineering

    C. Denial of service

    D. ARP poisoning

  14. After conducting security testing, Bruce identifies a memory leak issue on one of his servers that runs an internally developed application. Which one of the following team members is most likely able to correct this issue?

    A. Developer

    B. System administrator

    C. Storage administrator

    D. Security analyst

  15. Greg recently detected a system on his network that occasionally begins sending streams of TCP SYN packets to port 80 at a single IP address for several hours and then stops. It later resumes, but directs the packets to a different address. What type of attack is taking place?

    A. Port scanning

    B. DDoS

    C. IP scanning

    D. SQL injection

  16. During a security assessment, Ryan learns that the Accounts Receivable department prints out records containing customer credit card numbers and files them in unlocked filing cabinets. Which one of the following approaches is most appropriate for resolving the security issues this situation raises?

    A. Physically secure paper records

    B. Encrypt sensitive information

    C. Modify business process

    D. Monitor areas containing sensitive records

  17. Jaime is concerned that users in her organization may fall victim to DNS poisoning attacks. Which one of the following controls would be most helpful in protecting against these attacks?

    A. DNSSEC

    B. Redundant DNS servers

    C. Off-site DNS servers

    D. Firewall rules

  18. Irene is reviewing the logs from a security incident and discovers many entries in her database query logs that appear similar to the ones shown here. What type of attack was attempted against her server?

    Figure 1.3

    A. Error-based SQL injection

    B. Timing-based SQL injection

    C. TOC/TOU

    D. LDAP injection

  19. Carl is concerned that his organization's public DNS servers may be used in an amplification attack against a third party. What is the most effective way for Carl to prevent these servers from being used in an amplification attack?

    A. Disable open resolution

    B. Block external DNS requests

    C. Block internal DNS requests

    D. Block port 53 at the firewall

  20. What is the purpose of a DNS amplification attack?

    A. Resource exhaustion

    B. Host redirection

    C. Record poisoning

    D. Man-in-the-middle attack

  21. Angie is investigating a piece of malware found on a Windows system in her organization. She determines that the malware forced a running program to load code stored in a library. What term best describes this attack?

    A. DLL injection

    B. SQL injection

    C. Pointer dereference

    D. Buffer overflow

  22. Which one of the following threat sources is likely to have the highest level of sophistication?

    A. Organized crime

    B. Hacktivist

    C. APT

    D. Script kiddie

  23. In which of the following types of penetration test does the attacker not have any access to any information about the target environment prior to beginning the attack?

    A. Grey box

    B. White box

    C. Red box

    D. Black box

  24. Bill is securing a set of terminals that are being used to access a highly sensitive web application. He would like to protect against a man-in-the-browser attack. Which one of the following actions would be most effective in meeting Bill's goal?

    A. Disabling browser extensions

    B. Requiring multifactor authentication

    C. Requiring TLS encryption

    D. Disabling certificate pinning

  25. Kevin runs a vulnerability scan on a system on his network and identifies a SQL injection vulnerability. Which one of the following security controls is likely not present on the network?

    A. TLS

    B. DLP

    C. IDS

    D. WAF

  26. Maureen is implementing TLS encryption to protect transactions that are being run against her company's web services infrastructure. Which one of the following cipher suites would not be an appropriate choice?

    A. AES256-CCM

    B. ADH-RC4-MD5

    C. ECDHE-RSA-AES256-SHA384

    D. DH-RSA-AES256-GCM-SHA384

  27. Val runs a vulnerability scan of her network and finds issues similar to the one shown here on many systems. What action should Val take?

    Figure 1.4

    A. Immediately replace all certificates

    B. Conduct a risk assessment

    C. No action is necessary

    D. Replace certificates as they expire

  28. Barry would like to identify the mail server being used by an organization. Which one of the following DNS record types identifies a mail server?

    A. MX

    B. A

    C. CNAME

    D. SOA

  29. Gina runs a vulnerability scan of a server in her organization and receives the results shown here. What corrective action could Gina take to resolve these issues without disrupting the service?

    Figure 1.5

    A. Update RDP encryption

    B. Update HTTPS encryption

    C. Disable the network port

    D. No action is necessary

  30. Carl is a help desk technician and received a call from an executive who received a suspicious email message. The content of the email appears as follows. What type of attack most likely took place?

    Figure 1.6

    A. Whaling

    B. Spear phishing

    C. Vishing

    D. Phishing

  31. Dan is a cybersecurity analyst. Each day, he retrieves log files from a wide variety of security devices and correlates the information they contain, searching for unusual patterns of activity. What security control is likely lacking in Dan's environment?

    A. Firewall management tools

    B. IPS

    C. SIEM

    D. NAC

  32. Which one of the following security controls would be MOST effective in combatting buffer overflow attacks?

    A. IDS

    B. VPN

    C. DLP

    D. ASLR

  33. Mary believes that her network was the target of a wireless networking attack. Based upon the Wireshark traffic capture shown here, what type of attack likely took place?

    Figure 1.7

    A. Disassociation

    B. IV accumulation

    C. Replay

    D. Bluesnarfing

  34. Gary is concerned about the susceptibility of his organization to phishing attacks. Which one of the following controls will best defend against this type of attack?

    A. Encryption

    B. User training

    C. Firewall

    D. Background checks

  35. In which one of the following types of spoofing attack is the attacker often able to establish two-way communication with another device?

    A. Email spoofing

    B. MAC spoofing

    C. IP spoofing

    D. RFID spoofing

  36. Rob is conducting a penetration test against a wireless network and would like to gather network traffic containing successful authentication attempts, but the network is not heavily trafficked and he wants to speed up the information gathering process. What technique can he use?

    A. Replay

    B. Brute force

    C. Rainbow table

    D. Disassociation

  37. Joe considers himself a hacker but generally does not develop his own exploits or customize exploits that have been developed by others. Instead, he downloads exploits from hacker sites and attempts to apply them to large numbers of servers around the internet until he finds one that is vulnerable. What type of hacker is Joe?

    A. 31337 h4x0r

    B. APT

    C. Script kiddie

    D. Penetration tester

  38. Julie is beginning a penetration test against a client and would like to begin with passive reconnaissance. Which one of the following tools may be used for passive reconnaissance?

    A. Metasploit

    B. Nmap

    C. Nessus

    D. Aircrack-ng

  39. Jake is responsible for the security of his organization's digital certificates and their associated keys. Which one of the following file types is normally shared publicly?

    A. PEM file

    B. CRT file

    C. CSR file

    D. KEY file

  40. Which one of the following malware tools is commonly used by attackers to escalate their access to administrative privileges once they have already compromised a normal user account on a system?

    A. Bot

    B. Rootkit

    C. RAT

    D. Logic bomb

  41. Paul has detected the vulnerability shown here in one of his systems. He has several other high priority projects waiting for his attention and needs to prioritize this issue. What should he do?

    Figure 1.8

    A. Immediately prioritize the remediation of this vulnerability over all other tasks.

    B. Take no action.

    C. Complete the pressing tasks on his current projects and then correct this vulnerability.

    D. Hire a vendor to remediate the vulnerability.

  42. Gary recently gained access to a salted and hashed password file from a popular website and he would like to exploit it in an attack. Which one of the following attacks would be most productive if the website has a password policy requiring complex passwords?

    A. Offline brute force

    B. Online brute force

    C. Dictionary

    D. Rainbow table

  43. Vivian is investigating a website outage that brought down her company's e-commerce platform for several hours. During her investigation, she noticed that the logs are full of millions of connection attempts from systems around the world, but those attempts were never completed. What type of attack likely took place?

    A. Cross-site scripting

    B. DDoS

    C. DoS

    D. Cross-site request forgery

  44. In which one of the following attacks against Bluetooth technology is the attacker able to steal information from the device?

    A. Blueballing

    B. Bluejacking

    C. Bluesnarfing

    D. Bluefeeding

  45. What is the most dangerous consequence that commonly occurs as the result of a buffer overflow attack?

    A. Account enumeration

    B. Denial of service

    C. Information disclosure

    D. Arbitrary command execution

  46. Which one of the following would not be considered an OSINT tool?

    A. Website perusal

    B. WHOIS lookups

    C. Google searches

    D. Vulnerability scans

  47. Which one of the following is not a likely consequence of system sprawl?

    A. Improper input validation

    B. Undocumented assets

    C. Excess costs

    D. Unsupported systems

  48. Tonya is developing a web application and is embedding a session ID in the application that is exchanged with each network communication. What type of attack is Tonya most likely trying to prevent?

    A. Man-in-the-middle

    B. Replay

    C. Buffer overflow

    D. SQL injection

  49. Carla found the following page on her web server. What type of attacker most likely waged this attack?

    Figure 1.9

    Note

    The above question is included as an example of a security attack. The publisher does not endorse the political message conveyed by the image, nor wish to cause any offence.

    A. Hactivist

    B. APT

    C. Script kiddie

    D. Organized crime

  50. Which one of the following attackers is most likely to understand the design of an organization's business processes?

    A. Script kiddie

    B. APT

    C. Insider

    D. Hacktivist

  51. Kevin is configuring a vulnerability scan of his network. He would like the scan to be a non-intrusive scan and is using the configuration settings shown here. Which setting should he modify?

    Figure 1.10

    A. Enable safe checks.

    B. Stop scanning hosts that become unresponsive during the scan.

    C. Scan IP addresses in a random order.

    D. Slow down the scan when network congestion is detected.

  52. Frank is responsible for administering his organization's domain names. He recently received a message from their registrar indicating that a transfer request was underway for one of their domains, but Frank was not aware of any request taking place. What type of attack may be occurring?

    A. DNS spoofing

    B. IP spoofing

    C. Domain hijacking

    D. ARP spoofing

  53. Morgan is a web developer who's responsible for implementing an authentication system. She knows that she should store hashed versions of passwords rather than the passwords themselves but chooses to use unsalted passwords. What type of attack does this make the application more susceptible to?

    A. Offline brute force attack

    B. Online brute force attack

    C. Rainbow table

    D. Collision

  54. Kelly detected an attack on her network where the attacker used aircrack-ng to create a wireless network bearing her company's SSID. The attacker then boosted the power of that access point so that it was the strongest signal in an executive office area, prompting executive devices to connect to it. What type of attack took place?

    A. Bluesnarfing

    B. Jamming

    C. Evil twin

    D. WPS

  55. Which one of the following attributes is NOT a characteristic of APT attackers?

    A. Patience

    B. Large amounts of money

    C. Sophisticated exploits

    D. Brute force

  56. Which one of the following security controls is most effective against zero-day attacks?

    A. Vulnerability scans

    B. Signature-based antivirus software

    C. Application control

    D. Intrusion prevention systems

  57. Chris is investigating a security incident at his organization where an attacker entered the building wearing a company uniform and demanded that the receptionist provide him access to a network closet. He told the receptionist that he needed to access the closet immediately to prevent a major network disaster. Which one of the following principles of social engineering did the attacker NOT exploit?

    A. Consensus

    B. Authority

    C. Intimidation

    D. Urgency

  58. Ann works for an organization that recently opted to discontinue the support service on their network devices to control costs. They realized that it would be less expensive to replace devices when they fail than to use the costly replacement plan that was included in their support contract. What should be Ann's primary concern from a security perspective?

    A. Time required to replace a failed device

    B. Cost of replacing devices

    C. Lack of access to vendor patches

    D. Lack of access to vendor support personnel

  59. Which one of the following controls would be LEAST effective against a privilege escalation attack?

    A. HIPS

    B. Patching

    C. Data Execution Prevention

    D. Firewall rule

  60. Warren is conducting a penetration test and has gained access to a critical file server containing sensitive information. He is now installing a rootkit on that server. What phase of the penetration test is Warren conducting?

    A. Active reconnaissance

    B. Persistence

    C. Escalation of privilege

    D. Pivot

  61. Which one of the following security vulnerabilities is NOT a common result of improper input handling?

    A. DDoS

    B. SQL injection

    C. Cross-site scripting

    D. Buffer overflow

  62. What type of access must an attacker have to successfully carry out an ARP poisoning attack against a target?

    A. Access to the target's LAN

    B. Administrative access on the target's system

    C. Normal user access on the target's system

    D. Access to the target's network firewall

  63. Which one of the following cryptographic attacks may be used to find collisions in a hash function?

    A. Birthday attack

    B. Meet-in-the-middle attack

    C. Man-in-the-middle attack

    D. Chosen plaintext attack

  64. Bob is charged with protecting the service shown here from an attack being waged by Mal. What control would best protect against this threat?

    Figure 1.11

    A. Adding TLS encryption

    B. Changing the hash algorithm

    C. Changing Alice's password

    D. Using a shadow password file

  65. After running a vulnerability scan, Charlie identified 10 Windows XP systems running on the network. Those systems support critical business hardware that is over 10 years old and it is not possible to replace the hardware. What is the primary issue that Charlie needs to address?

    A. Obsolete operating system

    B. Incorrectly configured firewall

    C. Outdated hardware

    D. User security awareness

  66. Patty is approached by an end user who is trying to visit a banking website and sees the following error message. What type of attack is most likely taking place?

    Figure 1.12

    A. Social engineering

    B. This is a routine error and no attack is likely

    C. Man-in-the-middle

    D. Certificate pinning

  67. During a security review, Terry identified a system that is using the RC4 cipher with a 40-bit key to protect communications between systems using the Remote Desktop Protocol. Which one of the following findings would be appropriate for Terry to include in his report on the risk of this service?

    A. There is not enough information to reach a conclusion.

    B. The key length is too short and should be increased to 1,024 bits.

    C. RC4 is an insecure cipher and should not be used.

    D. The system is using a secure cipher with an appropriate key length.

  68. Joan is trying to break a cryptographic algorithm where she has the encryption key but does not have the decryption key. She is generating a series of encrypted messages and using them in her cryptanalysis. Which term best describes Joan's attack?

    A. Known plaintext

    B. Chosen plaintext

    C. Chosen ciphertext

    D. Known ciphertext

  69. Kristen is investigating wireless signal interference in her building and suspects that jamming might be taking place. Which one of the following actions can help her rule out the intentional jamming of her wireless signal?

    A. Moving antenna locations

    B. Changing the Wi-Fi channel

    C. Changing power levels

    D. Testing a variety of devices

  70. While investigating a security incident, Ryan discovers that the attacker entered the information shown here in the login box for a web application. What type of attack was likely taking place?

    Figure 1.13

    A. LDAP injection

    B. Blind SQL injection

    C. SQL injection

    D. Cross-site scripting

  71. Melanie is designing an authentication scheme for a web application and wishes to protect the site against session hijacking attacks. She would like to ensure that cookies containing session credentials are only sent via encrypted connections. What attribute should she set on cookies that are used for session identification?

    A. Expire

    B. HttpOnly

    C. SameSite

    D. Secure

  72. Ken is conducting a penetration test of one of his organization's clients. He gains access to a web server located in the DMZ using a buffer overflow attack and is now attempting to gain access to systems on the internal network. What stage of the attack has Ken reached?

    A. Reconnaissance

    B. Pivot

    C. Persistence

    D. Escalation of privilege

  73. Rob is troubleshooting a production application in his organization. He discovers that after the application has been running for about a week, it begins producing repeated errors. When he reboots the system, it works fine for another week, until the errors start recurring. What is the most likely cause of this issue?

    A. Insider attack

    B. Logic bomb

    C. Buffer overflow

    D. Memory leak

  74. Vince runs the MD5 hash function against three files on his system. He knows that each of the three files contains log entries from different days. What has occurred?

    Figure1.14

    A. Use of a secure hash function

    B. Decryption

    C. Collision

    D. Syntax error

  75. After running an Nmap scan of a new web server being commissioned on her network, Karen discovered the results shown here. Which port should Karen prioritize for investigation and remediation?

    Figure 1.15

    A. 443

    B. 22

    C. 80

    D. 23

  76. The POODLE attack rendered the SSL protocol insecure and prompted many websites to replace SSL with TLS. What type of attack is POODLE?

    A. Disassociation

    B. Downgrade

    C. Bluesnarfing

    D. Evil twin

  77. Vince is investigating the compromise of a user's account credentials. The user reports that, in addition to her corporate account, the passwords to many of her online banking and bill payment accounts were also compromised. Vince examines her computer and determines that there is an unusual piece of hardware connected between the keyboard and the computer. What type of attack has most likely taken place?

    A. Bot

    B. Spyware

    C. Keylogger

    D. Adware

  78. Larry is evaluating a dynamic web application that uses a web server with a database back end, as shown in the following diagram. The web server is configured to connect to the database server with a database administrative account. Which one of the following statements is correct about this configuration?

    Figure 1.16

    A. The web server should use an OS administrator account to connect to the database.

    B. The web server should use a limited privilege account to connect to the database.

    C. This configuration is reasonable.

    D. The web server should not connect directly to the database server.

  79. Which one of the following attacks allows the theft of information from a mobile device over a wireless connection that directly connects the attacker to the device?

    A. Bluejacking

    B. Evil twin

    C. Bluesnarfing

    D. Session hijacking

  80. In a recent social engineering attack, the attacker found an employee of the target company at his gym and struck up a friendship there for several months before trying to slowly extract sensitive corporate information from the employee. What principle of social engineering is the attacker trying to exploit?

    A. Consensus

    B. Authority

    C. Urgency

    D. Familiarity

  81. During a penetration test, the testers sent the following email to a clerk in an organization's Accounts Payable department. What type of attack took place?

    Figure 1.17

    A. Spear phishing

    B. Whaling

    C. Vishing

    D. Smishing

  82. Which one of the following device types is most susceptible to a pass-the-hash attack?

    A. VPN concentrator

    B. Network firewall

    C. Windows server

    D. Hardware security module

  83. Vince is concerned about the execution of SQL injection attacks against the database supporting his organization's e-commerce website. Which one of the following controls would NOT be an effective defense against these attacks?

    A. Parameterized queries

    B. WAF

    C. Indexing

    D. Stored procedures

  84. Norm is concerned that his organization may be the target of a theft of trade secrets by a competitor working with an insider to steal sensitive files. What security control would be the most helpful in detecting attempts to remove that sensitive information from the organization?

    A. IPS

    B. DLP

    C. Firewall

    D. TLS

  85. Elliott is frustrated by the number of false positive reports being returned by his vulnerability scans. Which one of the following actions is MOST likely to reduce the number of false positive reports?

    A. Implement credentialed scanning

    B. Decrease the scan's sensitivity

    C. Disable safe checks

    D. Increase the size of the target network

  86. During a recent security investigation, Cam discovered the device shown here sewn into a briefcase belonging to a senior executive. What type of transmission was most likely used to communicate with this device?

    Figure 1.18

    A. Cellular

    B. Bluetooth

    C. Wi-Fi

    D. RFID

  87. Dave discovers that a piece of malware running on a system has been loading the feeds of strange Twitter accounts that contain tweets similar to the one shown here. What type of malware likely exists on this system?

    Figure 1.19

    A. Trojan horse

    B. Virus

    C. Worm

    D. Botnet

  88. Rick would like to use vulnerability scanning results as part of a penetration test he is undertaking. The penetration test is scoped as a black box test. Which one of the following scan reports would be the most useful and appropriate for Rick to obtain from management before conducting the test?

    A. Internal scan report

    B. External scan report

    C. Credentialed scan report

    D. Agent-based scan report

  89. After running a vulnerability scan, Carl detects a missing patch on a Windows server. When he investigates the server, he determines that the patch is actually applied. What condition has occurred?

    A. True positive

    B. False negative

    C. False positive

    D. True negative

  90. After conducting a vulnerability scan, Kaiden discovers the vulnerability shown here on several of his organization's web servers. What is the most likely direct impact of these vulnerabilities?

    Figure 1.20

    A. An attacker can disrupt access to the web server.

    B. An attacker can obtain information about the inner functioning of the web application.

    C. An attacker can steal information from the database supporting this application.

    D. An attacker can gain administrative access to the web server.

  91. Carla noticed unusual spikes in network activity and, upon further investigation, determined that there is an usually high number of outbound DNS query responses. She also noticed that the query responses are significantly larger than the queries themselves. What type of attack should Carla suspect?

    A. Cross-site scripting

    B. Amplification

    C. DNS poisoning

    D. Pass-the-hash

  92. Shortly after Trish's organization fired a software developer, code on a server activated that determined that the developer was no longer employed and deleted the source code from her projects. What type of attack did Trish's organization experience?

    A. Logic bomb

    B. Trojan horse

    C. Worm

    D. RAT

  93. Dawn is conducting the reconnaissance phase of a penetration test and would like to identify the registered owner of a domain name. Which one of the following tools would be the most likely to provide her with this information?

    A. Whois

    B. Nslookup

    C. Dig

    D. Ping

  94. Which one of the following controls is the most effective way to protect against security-related architectural and design weaknesses?

    A. Deploying intrusion prevention systems

    B. Carefully maintaining network firewall rules

    C. Implementing employee background checks

    D. Including security team members in the project management process

  95. Barry is the administrator of a message board that's used by his organization's clients to communicate with each other. One client posted a message on the board that contained script code that caused the browsers of other users to carry out malicious actions when they viewed the message. What type of attack took place?

    A. XSRF

    B. Reflected XSS

    C. DOM XSS

    D. Stored XSS

  96. Mal is an attacker associated with an advanced persistent threat (APT) organization. Her team recently discovered a new security vulnerability in a major operating system and has not informed anyone of this vulnerability. What type of attack is Mal's organization in a position to wage?

    A. SQL injection

    B. Zero-day

    C. Man-in-the-browser

    D. Spoofing

  97. Which one of the following technologies would be the most useful in preventing man-in-the-middle attacks?

    A. TLS

    B. SSL

    C. Digital certificates

    D. Input validation

  98. Harold is examining the web server's logs after detecting unusual activity on the system. He finds the log excerpt shown here. What type of attack did someone attempt against this system based upon the data shown in these logs?

    Figure 1.21

    A. Cross-site scripting

    B. Domain hijacking

    C. SQL injection

    D. Directory traversal

  99. Which one of the following attacks exploits a race condition in a software implementation?

    A. Integer overflow

    B. Buffer overflow

    C. SQL injection

    D. TOC/TOU

  100. Which one of the following devices is capable of carrying out a rogue AP attack against a Wi-Fi network with minimal configuration?

    A. Switch

    B. Router

    C. Orange

    D. Pineapple

  101. Carla's firm is preparing to deploy a large network of Internet of Things sensors. Which one of the following is the least common security concern with IoT deployments?

    A. Data encryption

    B. Patches to embedded operating systems

    C. Network segmentation

    D. Multifactor authentication

  102. Hank ran a vulnerability scan of one of his organization's web servers and found the two vulnerabilities shown here. What is the most expedient way for Hank to correct this issue?

    Figure 1.22

    A. Modify the ciphers used by SSL/TLS

    B. Upgrade to SSL 3.0

    C. Upgrade to TLS 1.2

    D. Replace the digital certificate

  103. Mal is engaging in an IP spoofing attack against a target organization over the internet. Which one of the following limitations does the attack have if Mal has complete control of her own network?

    A. Mal will not be able to receive responses to requests.

    B. Mal will not be able to send packets onto the internet with spoofed addresses.

    C. Mal will not be able to insert a spoofed IP address into her network traffic.

    D. Mal will not be able to conduct a denial of service attack.

  104. Nate is the first person to arrive in the office one morning and he discovers that a piece of malware is spreading from system to system on his network, exploiting the MS08-067 vulnerability in Microsoft Windows. What term best describes this malware?

    A. Virus

    B. Trojan horse

    C. Worm

    D. Logic bomb

  105. Noah is a cybersecurity analyst for a mid-sized business. He is working with the user of a machine that is exhibiting suspicious behavior. The anomalous activity began immediately after the user downloaded and installed software from the internet and Noah suspects that it contained malware. What term best describes the malware in this situation?

    A. Trojan horse

    B. Virus

    C. Worm

    D. Logic bomb