5 Flashcards

1
Q

Remapping a domain name to a rogue IP address is an example of what kind of exploit?

A

DNS poisoning

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

URL redirection is a characteristic feature of:

A

Pharming

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Which of the following enables client-side URL redirection?

A

Hosts

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Which of the following factors has the biggest impact on domain reputation?

A

Distribution of spam

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

As opposed to the simple Denial of Service (DoS) attacks that usually are performed from a single system, a Distributed Denial of Service (DDoS) attack uses multiple compromised computer systems to perform the attack against its target. The intermediary systems that are used as platform for the attack are the secondary victims of the DDoS attack; they are often referred to as zombies, and collectively as a botnet.

A

True

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What is the most common form of a DDoS attack?

A

Network-based

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Which type of DDoS attack targets industrial equipment and infrastructure?

A

** OT **

Operational technology (OT) is the hardware and software that monitors and controls devices, processes, and infrastructure, and is used in industrial settings

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Which of the following answers lists the filename extension of a Microsoft PowerShell script file?

A

.ps1

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Which of the following answers refers to a filename extension used in a cross-platform, general-purpose programming language?

A

.py

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Which of the following answers refers to a script file type designed to be run in Unix command line?

A

sh

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Which of the following enables running macros in Microsoft Office applications?

A

VBA

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Files with this filename extension are used in a scripting language based on the Microsoft’s Visual Basic programming language

A

vbs

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Which statements best describe the attributes of an APT? (Select 3 answers)

A
  • High level of technical sophistication
  • Extensive amount of resources/funding
  • Typically funded by governments/nation states
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Which term best describes a disgruntled employee abusing legitimate access to company’s internal resources?

A

Insider threat

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Which of the following statements does not match a typical description of nation states or state-funded groups identified as threat actors?

A

Typically classified as an internal threat

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

A person who breaks into a computer network or system for a politically or socially motivated purpose is usually described as a(n):

A

Hacktivist

17
Q

Which statements best describe the attributes of a script kiddie? (Select 2 answers)

A
  • Low level of technical sophistication
  • Lack of extensive resources/funding
18
Q

Which of the following terms best describes threat actors whose sole intent behind breaking into a computer system or network is monetary gain?

A

Criminal syndicates

19
Q

Which of the following terms fall into the category of authorized hacking activities? (Select 2 answers)

A
  • White hat
  • Blue hat
20
Q

Which of the following terms falls into the category of unauthorized hacking activities?

A

Black hat

21
Q

Which of the following terms falls into the category of semi-authorized hacking activities?

A

Gray hat

22
Q

In IT security, the term “Shadow IT” is used to describe software and hardware used within an organization, but outside of the organization’s official IT infrastructure.

A

True

23
Q

Which of the following terms best describes threat actors that engage in illegal activities to get the know-how and gain market advantage?

A

Competitors

24
Q

Which of the following answers does not relate to a direct access threat vector?

A

Malicious URL

25
Q

Which of the following answers refer(s) to wireless threat vector(s)? (Select all that appl

A
  • Network protocol vulnerabilities (WEP/WPA)
  • Rogue AP / Evil twin
  • Default security configurations
  • Vulnerabilities in network security standards (WPS)