CompTIA CySA+ CS0-003 Deck 8

Question 1

Hash

Answer 1

The theoretically indecipherable fixed-length output of the hashing process.

Question 2

(SPF)

Answer 2

Sender Policy Framework

Question 3

(SPF) Sender Policy Framework

Answer 3

A DNS record identifying hosts authorized to send mail for the domain.

Question 4

(DKIM)

Answer 4

Domain Keys Identified Mail

Question 5

(DKIM) Domain Keys Identified Mail

Answer 5

A cryptographic authentication mechanism for mail utilizing a public key published as a DNS record.

Question 6

(DMARC)

Answer 6

Domain-based Message Authentication, Reporting, and Conformance

Question 7

(DMARC) Domain-based Message Authentication, Reporting, and Conformance

Answer 7

A framework for ensuring proper application of SPF and DKIM, utilizing a policy published as a DNS record.

Question 8

Impossible Travel

Answer 8

A tracking of information such as GPS address, IP address, or user’s device to pinpoint a user’s location and determine whether a behavior was physically possible.

Question 9

This provides a cryptographic authentication mechanism for DNS and supplements SPF.

Answer 9

DKIM, or Domain Keys Identified Mail

Question 10

What PowerShell command is often used by attackers to download malicious files and scripts from a web server?

Answer 10

Download String

Question 11

(DDoS attack)

Answer 11

Distributed Denial of Service Attack

Question 12

(DDoS attack) Distributed Denial of Service Attack

Answer 12

An attack that uses multiple compromised hosts (a botnet) to overwhelm a service with requests or response traffic.

Question 13

Traffic Spike

Answer 13

A sharp increase in connection requests in comparison with a baseline.

Question 14

Beaconing

Answer 14

A means for a network node to advertise its presence and establish a link with other nodes, such as the beacon management frame sent by an AP. Legitimate software and appliances do this, but it is also associated with Remote Access Trojans (RAT) communicating with a Command & Control server.

Question 15

(IRC)

Answer 15

Internet Relay Chat

Question 16

(IRC) Internet Relay Chat

Answer 16

A group communications protocol that enables users to chat, send private messages, and share files.

Question 17

ARP Spoofing / ARP Poisoning

Answer 17

A network-based attack where an attacker with access to the target local network segment redirects an IP address to the MAC address of a computer that is not the intended recipient. This can be used to perform a variety of attacks, including DoS, spoofing, and Man-in-the-Middle.

Question 18

Rogue Device

Answer 18

An unauthorized device or service, such as a wireless access point DHCP server, or DNS server, on a corporate or private network that allows unauthorized individuals to connect to the network.

Question 19

Non-Standard Port

Answer 19

Communicating TCP/IP application traffic, such as HTTP, FTP, or DNS, over a port that is not the well-known or registered port established for that protocol.

Question 20

Mismatched Port/Application Traffic

Answer 20

Communicating non-standard traffic over a well-known or registered port.

Question 21

What type of malware typically results in high volumes of traffic saturating switches and router interfaces?

Answer 21

Worm

Question 22

What describes regular host communication to a remote C&C system?

Answer 22

Beaconing

Question 23

How does 802.1x help protect against rogue devices?

Answer 23

Answers will vary. 802.1x limits network access to only pre-authorized devices.

Question 24

Privilege Escalation

Answer 24

The practice of exploiting flaws in an operating system or other application to gain a greater level of access than was intended for the user or application.

Question 25

Which Linux tool provides a live view of system utilization and is sometimes described as a command line version of Windows Task Manager?

Answer 25

top

Question 26

What type of attack would allow a standard user account to perform administrative tasks?

Answer 26

Privilege escalation

Question 27

Nessus

Answer 27

One of the best-known commercial vulnerability scanners, produced by Tenable Network Security.

Question 28

OpenVAS

Answer 28

An open-source vulnerability scanner, originally developed from the Nessus codebase at the point where Nessus became commercial software.

Question 29

Qualys

Answer 29

A cloud-based vulnerability management solution. Users install sensor agents at various points in their network, and the sensors upload data to the cloud platform for analysis.

Question 30

Nmap

Answer 30

An IP and port scanner used for topology, host, service, and OS discovery and enumeration.

Question 31

(MSF)

Answer 31

Metasploit Framework

Question 32

(MSF) Metasploit Framework

Answer 32

A platform for launching modularized attacks against known software vulnerabilities.

Question 33

Which open-source vulnerability scanner maintained by the Greenbone company provides a web-based interface and is designed to run on Linux?

Answer 33

OpenVAS

Question 34

What options can be used to run specialized scripts using the Nmap tool?

Answer 34

-sC or the –script options

Question 35

This describes a square box with random-looking content designed to be scanned with a smartphone camera to obtain instructions.

Answer 35

QR code

Question 36

Burp Suite

Answer 36

A proprietary interception proxy and web application assessment tool.

Question 37

(ZAP)

Answer 37

Zed Attack Proxy

Question 38

(ZAP) Zed Attack Proxy

Answer 38

An open-source interception proxy and web application assessment tool.

Question 39

Nikto

Answer 39

Vulnerability scanner that can be used to identify known web server vulnerabilities and misconfigurations, identify web applications running on a server, and identify potential known vulnerabilities in those web applications.

Question 40

Arachni

Answer 40

An open-source web application scanner.

Question 41

What feature do web application scanners like Burp Suite and ZAP utilize to intercept and inspect client-server traffic?

Answer 41

Proxy

Question 42

ScoutSuite

Answer 42

An open-source cloud vulnerability scanner designed for AWS, Azure, and GCP auditing.

Question 43

Prowler

Answer 43

An open-source cloud vulnerability scanner designed for AWS auditing.

Question 44

Pacu

Answer 44

An open-source cloud penetration testing framework.

Question 45

PowerShell (PS)

Answer 45

A command shell and scripting language built on the .NET Framework that uses cmdlets for Windows automation.

Question 46

(WMIC) Windows Management Instrumentation Command-Line

Answer 46

A tool that provides an interface into Windows Management Instrumentation (WMI) for local or remote management of computers.

Question 47

(regex)

Answer 47

Regular Expressions

Question 48

(regex) Regular Expressions

Answer 48

A group of characters that describe how to execute a specific search pattern on a given text.

Question 49

(JSON)

Answer 49

JavaScript Object Notation

Question 50

(JSON) JavaScript Object Notation

Answer 50

A file format that uses attribute-value pairs to define configurations in a structure that is easy for both humans and machines to read and consume.

Question 51

(XML)

Answer 51

Extensible Markup Language

Question 52

(XML) Extensible Markup Language

Answer 52

A system for structuring documents so that they are human and machine readable. Information within the document is placed within tags, which describe how information within the document is structured.

Question 53

Describe the following bash statement:
[ $num1 -gt $num2 ]

Answer 53

It is a variable comparison, comparing the value of the num1 variable to the value of the num2 variable. Specifically, it is checking to determine whether num1 is larger than num2.

Question 54

Which of the following will successfully display Today is Wednesday (assuming today is Wednesday)?

a) echo Today is date +%A

b) echo ‘Today is date +%A’

Answer 54

Option a. The single quotes in choice b will remove the translation of the data command and instead simply print the characters.

Question 55

What utility can be used to match patterns of data, such as locating phone or credit card numbers?

Answer 55

Regular Expressions

Question 56

Explain the purpose of the following command,
cat /var/log/auth.log | cut -d “ “ -f1-5.

Answer 56

Using the space character as a delimiter, display fields 1 through 5 contained in the file /var/log/auth.log.

Question 57

(SSDLC)

Answer 57

Secure Software Development Life Cycle

Question 58

(SSDLC) Secure Software Development Life Cycle

Answer 58

A method of system development that incorporates security controls in every phase of the system’s lifecycle.

Question 59

Password Spraying

Answer 59

A brute force attack in which multiple user accounts are tested with a dictionary of common passwords.

Question 60

Credential Stuffing

Answer 60

A brute force attack in which stolen user account names and passwords are tested against multiple websites.

Question 61

Broken authentication

Answer 61

A software vulnerability where the authentication mechanism allows an attacker to gain entry, such as displaying cleartext credentials, using weak session tokens, or permitting brute force login requests.

Question 62

Input Validation

Answer 62

Any technique used to ensure that the data entered into a field or variable in an application is handled appropriately by that application.