Common Network Security Threats Flashcards

1
Q

Which type of threat actor promotes an ideology and does not normally conceal their malicious activities?
Instruction: Choose the option that best answers the question.
Answer Choices

Script kiddie

Hacktivist

Nation-state

Organized crime

A

Hacktivist

2
Q

How are CVEs named?
Instruction: Choose the option that best answers the question.
Answer Choices

Year-CVE-item_that_year

CVE-item_that_year

Year-CVE

CVE-year-item_that_year

A

CVE-year-item_that_year

3
Q

What is the primary incentive for bug bounty hunters?
Instruction: Choose the option that best answers the question.
Answer Choices

Espionage

Peer recognition

Financial gain

Promotion of ideology

A

Financial gain

4
Q

What can be done to mitigate buffer overflow attacks?
Instruction: Choose all options that best answer the question.
Answer Choices

Enable OSI model monitoring

Install a host-based firewall

Admins must ensure the latest software patches have been applied

Programmers must ensure all user-supplied data is validated

A

Admins must ensure the latest software patches have been applied
Programmers must ensure all user-supplied data is validated

5
Q

What is the result of a SYN flood attack?
Instruction: Choose the option that best answers the question.
Answer Choices

Multiple buffer overflows on the server

Multiple half-open connections on the server

Multiple closed sessions on the server

Multiple injection attacks on the server

A

Multiple half-open connections on the server

6
Q

When should an Internet user VPN app be used instead of the Tor browser?
Instruction: Choose the option that best answers the question.
Answer Choices

When the user needs to access a corporate point-to-site VPN over the Internet

When only web browsing must be anonymized over the network

When all device access must be anonymized over the network

When the user needs to access a corporate site-to-site VPN over the Internet

A

When all device access must be anonymized over the network

7
Q

Which indicators are commonplace with a DDoS attack?
Instruction: Choose all options that best answer the question.
Answer Choices

Encrypted data files

Numerous connection requests from the same groups of IPs in a short time frame

Sensitive data exfiltration

Abnormally high level of network traffic

A

Numerous connection requests from the same groups of IPs in a short time frame
Abnormally high level of network traffic

8
Q

What can be done to harden a Wi-Fi network?
Instruction: Choose all options that best answer the question.
Answer Choices

Disable SSID broadcasting

Disable MAC address filtering

Enable SSID broadcasting

Enable MAC address filtering

A

Disable SSID broadcasting
Enable MAC address filtering

9
Q

Which attributes define an Advanced Persistent Threat (APT)?
Instruction: Choose all options that best answer the question.
Answer Choices

Multiple half-open server connections

Encryption of data files

Backdoor access to a compromised system for a long period of time

Highly skilled attacker

A

Backdoor access to a compromised system for a long period of time
Highly skilled attacker

10
Q

How many MITRE attack categories are there?
Instruction: Choose the option that best answers the question.
Answer Choices

6

14

16

5

A

14

11
Q

Which OWASP Top 10 item relates to the violation of the principle of least privilege?
Instruction: Choose the option that best answers the question.
Answer Choices

Insecure design

Broken access control

Injections

Cryptographic failures

A

Broken access control
