501-550 Flashcards
The Chief Information Officer (CIO) receives an anonymous threatening message that says “beware of the 1st of the year”. The CIO suspects the message may be from a former disgruntled employee planning an attack.
Which of the following should the CIO be concerned with?
C.
Logic bomb
Ann, a software developer, has installed some code to reactivate her account one week after her account has been disabled.
Which of the following is this an example of? (Choose two.)
B.
Logic Bomb
D.
Backdoor
Which of the following malware types is MOST likely to execute its payload after Jane, an employee, has left the company?
B.
Logic bomb
Pete, a security analyst, has been tasked with explaining the different types of malware to his colleagues. The two malware types that the group seems to be most interested in are botnets and viruses.
Which of the following explains the difference between these two types of malware?
B.
Botnets are a subset of malware which are used as part of DDoS attacks.
A user, Ann, is reporting to the company IT support group that her workstation screen is blank other than a window with a message requesting payment or else her hard drive will be formatted.
Which of the following types of malware is on Ann’s workstation?
D.
Ransomware
Which of the following describes a type of malware which is difficult to reverse engineer in a virtual lab?
A.
Armored virus
SEE QUESTION 507
Spear phishing, Hoax, Vishing, Phishing, Pharming
SEE QUESTION 508
A. Phishing. B. Whaling. C. Vishing. D. Spim. E. Social engineering.
A server with the IP address of 10.10.2.4 has been having intermittent connection issues. The logs show repeated connection attempts from the following IPs:
- 10.3.16
- 10.3.23
- 178.24.26
- 24.94.83
These attempts are overloading the server to the point that it cannot respond to traffic.
Which of the following attacks is occurring?
B.
DDoS
A distributed denial of service attack can BEST be described as:
C.
Multiple computers attacking a single target in an organized attempt to deplete its resources.
An administrator notices an unusual spike in network traffic from many sources. The administrator suspects that:
B.
it is the beginning of a DDoS attack.
A security technician at a small business is worried about the Layer 2 switches in the network suffering from a DoS style attack caused by staff incorrectly cabling network connections between switches.
Which of the following will BEST mitigate the risk if implemented on the switches?
A.
Spanning tree
An administrator is assigned to monitor servers in a data center. A web server connected to the Internet suddenly experiences a large spike in CPU activity.
Which of the following is the MOST likely cause?
D.
DoS
Which of the following attacks could be used to initiate a subsequent man-in-the-middle attack?
C.
Replay
A network analyst received a number of reports that impersonation was taking place on the network.
Session tokens were deployed to mitigate this issue and defend against the following attacks:
A.
Replay
Timestamps and sequence numbers act as countermeasures against which of the following types of attacks?
D.
Replay
SEE QUESTION 517
Which of the following BEST describes the type of attack that is occurring?
A.
Smurf Attack
Which of the following will help prevent smurf attacks?
B.
Disabling directed broadcast on border routers
Which of the following wireless security measures can an attacker defeat by spoofing certain properties of their network interface card?
B.
MAC filtering
SEE QUESTION 520
Which of the following BEST describes the type of attack that is occurring? (Choose two.)
A.
DNS spoofing
E.
ARP attack
Mike, a user, states that he is receiving several unwanted emails about home loans.
Which of the following is this an example of?
D.
Spam
Several users’ computers are no longer responding normally and sending out spam email to the users’ entire contact list.
Which of the following is this an example of?
C.
Worm outbreak
A security administrator notices large amounts of traffic within the network heading out to an external website. The website seems to be a fake bank site with a phone number that when called, asks for sensitive information. After further investigation, the security administrator notices that a fake link was sent to several users.
Which of the following attacks is this an example of?
B.
Phishing
Jane, an individual, has recently been calling various financial offices pretending to be another person to gain financial information.
Which of the following attacks is being described?
D.
Vishing
Purchasing receives an automated phone call from a bank asking to input and verify credit card information. The phone number displayed on the caller ID matches the bank.
Which of the following attack types is this?
C.
Vishing
A company’s employees were victims of a spear phishing campaign impersonating the CEO. The company would now like to implement a solution to improve the overall security posture by assuring their employees that email originated from the CEO.
Which of the following controls could they implement to BEST meet this goal?
B.
Digital signatures
A user has unknowingly gone to a fraudulent site. The security analyst notices the following system change on the user’s host:
Old hosts file:
127.0.0.1 localhost
New hosts file:
127.0.0.1 localhost
5.5.5.5 www.comptia.com
Which of the following attacks has taken place?
B.
Pharming
Users at a company report that a popular news website keeps taking them to a web page with derogatory content.
Which of the following is this an example of?
B.
DNS poisoning
Which of the following is described as an attack against an application using a malicious file?
A.
Client side attack
Which of the following would BEST deter an attacker trying to brute force 4-digit PIN numbers to access an account at a bank teller machine?
C.
Account lockout settings
Which of the following can be used by a security administrator to successfully recover a user’s forgotten password on a password protected file?
C.
Brute force
A security administrator must implement all requirements in the following corporate policy: Passwords shall be protected against offline password brute force attacks. Passwords shall be protected against online password brute force attacks.
Which of the following technical controls must be implemented to enforce the corporate policy? (Choose three.)
A.
Account lockout
D.
Password complexity
F.
Minimum password length
A recent spike in virus detections has been attributed to end-users visiting www.compnay.com. The business has an established relationship with an organization using the URL of www.company.com but not with the site that has been causing the infections.
Which of the following would BEST describe this type of attack?
A.
Typo squatting
Using proximity card readers instead of the traditional key punch doors would help to mitigate:
D.
Shoulder surfing
Ann, an employee, is visiting Joe, an employee in the Human Resources Department. While talking to Joe, Ann notices a spreadsheet open on Joe’s computer that lists the salaries of all employees in her department.
Which of the following forms of social engineering would BEST describe this situation?
D.
Shoulder surfing
An investigator recently discovered that an attacker placed a remotely accessible CCTV camera in a public area overlooking several Automatic Teller Machines (ATMs). It is also believed that user accounts belonging to ATM operators may have been compromised.
Which of the following attacks has MOST likely taken place?
A.
Shoulder surfing
All executive officers have changed their monitor location so it cannot be easily viewed when passing by their offices.
Which of the following attacks does this action remediate?
C.
Shoulder Surfing
Ann, an employee, is cleaning out her desk and disposes of paperwork containing confidential customer information in a recycle bin without shredding it first.
This is MOST likely to increase the risk of loss from which of the following attacks?
B.
Dumpster diving
Several bins are located throughout a building for secure disposal of sensitive information.
Which of the following does this prevent?
A.
Dumpster diving
Physical documents must be incinerated after a set retention period is reached.
Which of the following attacks does this action remediate?
B.
Dumpster Diving
At the outside break area, an employee, Ann, asked another employee to let her into the building because her badge is missing.
Which of the following does this describe?
B.
Tailgating
Pete’s corporation has outsourced help desk services to a large provider. Management has published a procedure that requires all users, when receiving support, to call a special number.
Users then need to enter the code provided to them by the help desk technician prior to allowing the technician to work on their PC.
Which of the following does this procedure prevent?
B.
Impersonation
Purchasing receives a phone call from a vendor asking for a payment over the phone. The phone number displayed on the caller ID matches the vendor’s number. When the purchasing agent asks to call the vendor back, they are given a different phone number with a different area code.
Which of the following attack types is this?
B.
Impersonation
A database administrator receives a call on an outside telephone line from a person who states that they work for a well-known database vendor. The caller states there have been problems applying the newly released vulnerability patch for their database system, and asks what version is being used so that they can assist.
Which of the following is the BEST action for the administrator to take?
A.
Thank the caller, report the contact to the manager, and contact the vendor support line to verify any reported patch issues.
A security administrator forgets their card to access the server room. The administrator asks a coworker if they could use their card for the day.
Which of the following is the administrator using to gain access to the server room?
C.
Impersonation
Sara, an attacker, is recording a person typing in their ID number into a keypad to gain access to the building. Sara then calls the helpdesk and informs them that their PIN no longer works and would like to change it.
Which of the following attacks occurred LAST?
C.
Impersonation
Which of the following is characterized by an attacker attempting to map out an organization’s staff hierarchy in order to send targeted emails?
A.
Whaling
Which of the following attacks targets high level executives to gain company information?
B.
Whaling
Users are encouraged to click on a link in an email to obtain exclusive access to the newest version of a popular Smartphone. This is an example of:
A.
Scarcity
A computer supply company is located in a building with three wireless networks. The system security team implemented a quarterly security scan and saw the following.
SSID             State      Channel  Level
Computer AreUs1  connected  1        70dbm
Computer AreUs2  connected  5        80dbm
Computer AreUs3  connected  3        75dbm
Computer AreUs4  connected  6        95dbm
Which of the following is this an example of?
A.
Rogue access point