CompTIA CySA+ CS0-003 Deck 8 Flashcards
Learn key concepts found in the CompTIA CySA+ CS0-003 Exam.
Hash
The theoretically indecipherable fixed-length output of the hashing process.
(SPF) Sender Policy Framework
A DNS record identifying hosts authorized to send mail for the domain.
(DKIM) DomainKeys Identified Mail
A cryptographic authentication mechanism for mail utilizing a public key published as a DNS record.
(DMARC) Domain-based Message Authentication, Reporting, and Conformance
A framework for ensuring proper application of SPF and DKIM, utilizing a policy published as a DNS record.
Impossible Travel
Tracking of information such as GPS coordinates, IP address, or the user’s device to pinpoint a user’s location and determine whether a behavior (such as two logins from distant locations within a short interval) was physically possible.
This provides a cryptographic authentication mechanism for DNS and supplements SPF.
DKIM, or DomainKeys Identified Mail
What PowerShell command is often used by attackers to download malicious files and scripts from a web server?
DownloadString
(DDoS attack) Distributed Denial of Service Attack
An attack that uses multiple compromised hosts (a botnet) to overwhelm a service with requests or response traffic.
Traffic Spike
A sharp increase in connection requests in comparison with a baseline.
Beaconing
A means for a network node to advertise its presence and establish a link with other nodes, such as the beacon management frame sent by an AP. Legitimate software and appliances do this, but it is also associated with Remote Access Trojans (RAT) communicating with a Command & Control server.
(IRC) Internet Relay Chat
A group communications protocol that enables users to chat, send private messages, and share files.
ARP Spoofing / ARP Poisoning
A network-based attack where an attacker with access to the target local network segment redirects an IP address to the MAC address of a computer that is not the intended recipient. This can be used to perform a variety of attacks, including DoS, spoofing, and Man-in-the-Middle.
Rogue Device
An unauthorized device or service, such as a wireless access point, DHCP server, or DNS server, on a corporate or private network that allows unauthorized individuals to connect to the network.
Non-Standard Port
Communicating TCP/IP application traffic, such as HTTP, FTP, or DNS, over a port that is not the well-known or registered port established for that protocol.
Mismatched Port/Application Traffic
Communicating non-standard traffic over a well-known or registered port.
What type of malware typically results in high volumes of traffic saturating switches and router interfaces?
Worm
What describes regular host communication to a remote C&C system?
Beaconing
How does 802.1x help protect against rogue devices?
Answers will vary. 802.1x limits network access to only pre-authorized devices.
Privilege Escalation
The practice of exploiting flaws in an operating system or other application to gain a greater level of access than was intended for the user or application.
Which Linux tool provides a live view of system utilization and is sometimes described as a command line version of Windows Task Manager?
top
What type of attack would allow a standard user account to perform administrative tasks?
Privilege escalation
Nessus
One of the best-known commercial vulnerability scanners, produced by Tenable Network Security.
OpenVAS
An open-source vulnerability scanner, originally developed from the Nessus codebase at the point where Nessus became commercial software.
Qualys
A cloud-based vulnerability management solution. Users install sensor agents at various points in their network, and the sensors upload data to the cloud platform for analysis.
Nmap
An IP and port scanner used for topology, host, service, and OS discovery and enumeration.
(MSF) Metasploit Framework
A platform for launching modularized attacks against known software vulnerabilities.
Which open-source vulnerability scanner maintained by the Greenbone company provides a web-based interface and is designed to run on Linux?
OpenVAS
What options can be used to run specialized scripts using the Nmap tool?
-sC or the --script options
This describes a square box with random-looking content designed to be scanned with a smartphone camera to obtain instructions.
QR code
Burp Suite
A proprietary interception proxy and web application assessment tool.
(ZAP) Zed Attack Proxy
An open-source interception proxy and web application assessment tool.
Nikto
Vulnerability scanner that can be used to identify known web server vulnerabilities and misconfigurations, identify web applications running on a server, and identify potential known vulnerabilities in those web applications.
Arachni
An open-source web application scanner.
What feature do web application scanners like Burp Suite and ZAP utilize to intercept and inspect client-server traffic?
Proxy
ScoutSuite
An open-source cloud vulnerability scanner designed for AWS, Azure, and GCP auditing.
Prowler
An open-source cloud vulnerability scanner designed for AWS auditing.
Pacu
An open-source cloud penetration testing framework.
PowerShell (PS)
A command shell and scripting language built on the .NET Framework that uses cmdlets for Windows automation.
(WMIC) Windows Management Instrumentation Command-Line
A tool that provides an interface into Windows Management Instrumentation (WMI) for local or remote management of computers.
(regex) Regular Expressions
A group of characters that describe how to execute a specific search pattern on a given text.
(JSON) JavaScript Object Notation
A file format that uses attribute-value pairs to define configurations in a structure that is easy for both humans and machines to read and consume.
(XML) Extensible Markup Language
A system for structuring documents so that they are human and machine readable. Information within the document is placed within tags, which describe how information within the document is structured.
Describe the following bash statement:
[ $num1 -gt $num2 ]
It is a variable comparison, comparing the value of the num1 variable to the value of the num2 variable. Specifically, it is checking to determine whether num1 is larger than num2.
Which of the following will successfully display "Today is Wednesday" (assuming today is Wednesday)?
a) echo Today is `date +%A`
b) echo 'Today is `date +%A`'
Option a. The single quotes in choice b suppress the command substitution of the date command, so the shell simply prints the literal characters.
What utility can be used to match patterns of data, such as locating phone or credit card numbers?
Regular Expressions
Explain the purpose of the following command:
cat /var/log/auth.log | cut -d " " -f1-5
Using the space character as a delimiter, display fields 1 through 5 of each line contained in the file /var/log/auth.log.
(SSDLC) Secure Software Development Life Cycle
A method of system development that incorporates security controls in every phase of the system’s lifecycle.
Password Spraying
A brute force attack in which multiple user accounts are tested with a dictionary of common passwords.
Credential Stuffing
A brute force attack in which stolen user account names and passwords are tested against multiple websites.
Broken authentication
A software vulnerability where the authentication mechanism allows an attacker to gain entry, such as displaying cleartext credentials, using weak session tokens, or permitting brute force login requests.
Input Validation
Any technique used to ensure that the data entered into a field or variable in an application is handled appropriately by that application.