Boot Camp Q's Flashcards

1
Q

*An employee receives an email, which appears to be from the Chief Executive Officer (CEO), asking for a report of security credentials for all users. Which of the following types of attacks is MOST likely occurring?

A

Spear phishing

2
Q

*A user clicked an email link that led to a website that infected the workstation with a virus. The virus encrypted all the network shares to which the user had access. The virus was not detected or blocked by the company’s email filter or antivirus. Which of the following describes what occurred?

A

The virus was a zero-day attack.

3
Q

An information security specialist is reviewing the following output from a Linux server:
user@server:~$ crontab -l
5 * * * * /usr/local/bin/backup.sh
user@server:~$ cat /usr/local/bin/backup.sh
#!/bin/bash
if ! grep --quiet bobuser /etc/passwd
then rm -rf
fi
Based on the information above, which of the following types of malware was installed on the server?

A

logic bomb

4
Q

In terms of encrypting data, which of the following is BEST described as a way to safeguard password data by adding random data to it in storage?

A

Using salt

5
Q

Which of the following cryptographic attacks would salting of passwords render ineffective?

A

Rainbow tables

6
Q

An analyst is reviewing a simple program for potential security vulnerabilities before being deployed to a Windows server. Given the following code:
void foo(char *bar)
{
    char random_user_input[12];
    strcpy(random_user_input, bar);
}
Which of the following vulnerabilities is present?

A

Buffer overflow

7
Q

*A vulnerability scanner that uses its running service’s access level to better assess vulnerabilities across multiple assets within an organization is performing a:

A

Credentialed scan

8
Q

*Which of the following characteristics differentiate a rainbow attack from a brute force attack?

A

Rainbow attacks greatly reduce compute cycles at attack time.
Rainbow tables must include precomputed hashes.

9
Q

*Which of the following specifically describes the exploitation of an interactive process to access otherwise restricted areas of the OS?

A

Privilege escalation

10
Q

*Which of the following attack types BEST describes a client-side attack that is used to manipulate an HTML iframe with JavaScript code via a web browser?

A

XSS

11
Q

A black hat hacker is enumerating a network and wants to remain covert during the process. The hacker initiates a vulnerability scan. Given the task at hand and the requirement of being covert, which of the following statements BEST indicates that the vulnerability scan meets these requirements?

A

The vulnerability scanner is performing in network sniffer mode.

12
Q

*A company hires a consulting firm to crawl its Active Directory network with a non-domain account looking for unpatched systems. Actively taking control of systems is out of scope, as is the creation of new administrator accounts. For which of the following is the company hiring the consulting firm?

A

Vulnerability scanning

13
Q

Which of the following penetration testing concepts is being used when an attacker uses public internet databases to enumerate and learn more about a target?

A

Reconnaissance

14
Q

An in-house penetration tester is using a packet capture device to listen in on network communications. This is an example of:

A

Passive reconnaissance

15
Q

Which of the following vulnerability types would the type of hacker known as a script kiddie be MOST dangerous against?

A

Unpatched exploitable internet-facing services

16
Q

Which of the following types of attacks precedes the installation of a rootkit on a server?

A

Privilege escalation

17
Q

Ann, an employee in the payroll department, has contacted the help desk citing multiple issues with her device, including:
-Slow performance
-Word documents, PDFs, and images no longer opening
-A pop-up
Ann states the issues began after she opened an invoice that a vendor emailed to her. Upon opening the invoice, she had to click several security warnings to view it in her word processor. With which of the following is the device MOST likely infected?

A

Crypto-malware

18
Q

A senior incident response manager receives a call about some external IPs communicating with internal computers during off hours. Which of the following types of malware is MOST likely causing this issue?

A

Botnet

19
Q

*When systems, hardware, or software are not supported by the original vendor, it is a vulnerability known as:

A

end-of-life systems

20
Q

Before an infection was detected, several of the infected devices attempted to access a URL that was similar to the company name but with two letters transposed. Which of the following BEST describes the attack vector used to infect the devices?

A

Typo squatting

21
Q

A company’s user lockout policy is enabled after five unsuccessful login attempts. The help desk notices a user is repeatedly locked out over the course of a workweek. Upon contacting the user, the help desk discovers the user is on vacation and does not have network access. Which of the following types of attacks are MOST likely occurring?

A

Brute force

Dictionary

22
Q

Which of the following network vulnerability scan indicators BEST validates a successful, active scan?

A

The scan output lists SQL injection attack vectors

23
Q

A security administrator is reviewing the following network capture:
192.168.20.43:2043 -> 10.234.66.21.80
POST “192.168.20.43
https://www.banksite.comJoeUsrerPassword”
Which of the following malware is MOST likely to generate the above information?

A

Keylogger

24
Q

*An auditor is reviewing the following output from a password-cracking tool:
User1:Password1
User2:Recovery!
User3:Alaskan10
User4:4Private
User5:PerForMance2
Which of the following methods did the auditor MOST likely use?

A

Hybrid

25
Q

A company hires a third-party firm to conduct an assessment of vulnerabilities exposed to the internet. The firm informs the company that an exploit exists for an FTP server that had a version installed from eight years ago. The company has decided to keep the system online anyway, as no upgrade exists from the vendor. Which of the following BEST describes the reason why the vulnerability exists?

A

End-of-life system

26
Q

A workstation puts out a network request to locate another system. Joe, a hacker on the network, responds before the real system does, and he tricks the workstation into communicating with him. Which of the following BEST describes what occurred?

A

The hacker exploited a weak switch configuration.

27
Q

*Which of the following would MOST likely appear in an uncredentialed vulnerability scan?

A

Inactive local accounts

28
Q

As part of the SDLC, a third party is hired to perform a penetration test. The third party will have access to the source code, integration tests, and network diagrams. Which of the following BEST describes the assessment being performed?

A

White box

29
Q

*A penetration tester is crawling a target website that is available to the public. Which of the following represents the actions the penetration tester is performing?

A

Reconnaissance