2.3.2, 4.1.3, 2.3.3

Question 1

What is a buffer overflow vulnerability?

Answer 1

When a program writes more data to a buffer than it can handle, leading to the overflow of adjacent memory

Question 2

Which type of vulnerability occurs when a user or process gains unauthorized access to higher-level privileges?

Answer 2

Privilege Escalation

Question 3

What is the primary purpose of a Denial-of-Service (DoS) attack?

Answer 3

To overload a system with traffic, making it slow or unresponsive

Question 4

What is the term used to describe security flaws that are unknown to the software vendor and have no available patch?

Answer 4

Zero-Day Vulnerabilities

Question 5

Which type of attack occurs when a user injects commands or code into a web server to execute?

Answer 5

Command Injection

Question 6

SQL stands for:

Answer 6

Structured Query Language

Question 7

What is the primary purpose of Cross-site Scripting (XSS)?

Answer 7

To bypass access controls and impersonate users

Question 8

Which technology is subject to injection attacks when used for structuring data exchanged on the web?

Answer 8

XML

Question 9

What does Mobile Device Management (MDM) involve?

Answer 9

Administering mobile devices like smartphones and tablets

Question 10

Which deployment model allows employees to use their personal devices for work purposes?

Answer 10

Bring Your Own Device

Question 11

In the Corporate-Owned, Personally Enabled (COPE) deployment model, who maintains control over the device and its security?

Answer 11

The IT department

Question 12

What is the purpose of the Choose Your Own Device deployment model?

Answer 12

Employees choose their devices from a list provided by the company

Question 13

Which connection method is crucial for remote work and on-the-go connectivity, utilizing cellular data networks?

Answer 13

Cellular

Question 14

Where is Wi-Fi connection commonly used?

Answer 14

Corporate offices

Question 15

What is Bluetooth commonly used for?

Answer 15

File sharing and connecting peripherals

Question 16

What unique challenges do deployment models and connection methods address in a corporate environment?

Answer 16

Connectivity and security of mobile devices

Question 17

How do deployment models and connection methods work together in a mobile solution?

Answer 17

They address different aspects of mobile device management

Question 18

What are firmware vulnerabilities?

Answer 18

Security flaws in embedded software

Question 19

What is a potential consequence of exploiting firmware vulnerabilities?

Answer 19

Unauthorized access to the host system

Question 20

When does hardware reach its end-of-life (EOL)?

Answer 20

When the manufacturer stops providing support and updates

Question 21

What is a common vulnerability associated with legacy hardware?

Answer 21

Lack of modern security features

Question 22

How can organizations mitigate hardware vulnerabilities?

Answer 22

Regularly apply patches and updates to firmware

Question 23

What is a characteristic of VM escape vulnerability?

Answer 23

Unauthorized access to the host system from a virtual machine

Question 24

How can resource reuse vulnerabilities be mitigated?

Answer 24

Implementing strong isolation mechanisms between VMs

Question 25

What is a cloud-specific vulnerability?

Answer 25

Inadequate identity, credential, and access management

Question 26

How can organizations address inadequate network security in cloud environments?

Answer 26

Implementing network segmentation

Question 27

What is a potential consequence of misconfigurations in cloud environments?

Answer 27

Loss of customer trust