Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

CompTIA Security+ Certification Exam Studying 2 > CompTIA Security+ Certification Exam SY0-701 Practice Test 8 > Flashcards

CompTIA Security+ Certification Exam SY0-701 Practice Test 8 Flashcards

1
Q

Which of the answers listed below refers to a security vulnerability that enables inserting malicious code into input fields, such as search bars or login forms, to execute unauthorized commands on a database?

A) RCE
B) SQLi
C) XSS
D) CSRF

A

B) SQLi

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Which of the following indicates an SQL injection attack attempt?

A) DELETE FROM itemDB WHERE itemID = ‘1’;

B) SELECT * FROM users WHERE userName = ‘Alice’ AND password = ‘’ OR ‘1’ = ‘1’;

C) DROP TABLE itemDB;

D) SELECT * FROM users WHERE email = ‘example@example.com’ AND password = ‘’;

A

B) SELECT * FROM users WHERE userName = ‘Alice’ AND password = ‘’ OR ‘1’ = ‘1’;

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Which of the answers listed below describe the characteristics of a cross-site scripting attack? (Select 3 answers)

A) Exploits the trust a user’s web browser has in a website

B) A malicious script is injected into a trusted website

C) User’s browser executes attacker’s script

D) Exploits the trust a website has in the user’s web browser

E) A user is tricked by an attacker into submitting unauthorized web requests

F) Website executes attacker’s requests

A

A) Exploits the trust a user’s web browser has in a website

B) A malicious script is injected into a trusted website

C) User’s browser executes attacker’s script

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Which of the following answers refers to a type of software embedded into a hardware chip?

A) Firmware
B) Middleware
Device driver
Machine code

A

A) Firmware

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Which of the terms listed below refers to a situation in which a product or service may no longer receive security patches or other updates, making it more vulnerable to attack?

A) EOL
B) ALM
C) EOS
D) SDLC

A

A) EOL

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What is the main vulnerability related to legacy hardware?

A) Compatibility issues
B) Lack of security updates and patches
C) Worn-out physical components
D) Lack of skilled personnel to run it and maintain it

A

B) Lack of security updates and patches

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

The term “VM escape” refers to the process of breaking out of the boundaries of a guest operating system installation to access the primary hypervisor controlling all the virtual machines on the host machine.

A) True

B) False

A

A) True

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Which of the following answers refers to a virtualization-related vulnerability where virtualized assets allocated to one VM are improperly isolated and can be accessed or compromised by another VM?

A) Resource reuse
B) Privilege escalation
C) Resource exhaustion
D) Concurrent session usage

A

A) Resource reuse

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Which of the answers listed below refers to a cloud-related vulnerability type?

A) Insecure APIs
B) Poor access controls
C) Lack of security updates
D) Misconfigured cloud storage
E) Shadow IT / Malicious insiders
F) All of the above

A

F) All of the above

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

The practice of installing mobile apps from websites and app stores other than the official marketplaces is referred to as:

A) Jailbreaking
B) Rooting
C) Sideloading
D) Carrier unlocking

A

C) Sideloading

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Which of the following terms is used to describe the process of removing software restrictions imposed by Apple on its iOS operating system?

A) Sideloading
B) Carrier unlocking
C) Rooting
D) Jailbreaking

A

D) Jailbreaking

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

The term “Rooting” refers to the capability of gaining administrative access to the operating system and system applications on:

A) Android devices
B) iOS devices
C) Microsoft devices
D) All types of mobile devices

A

A) Android devices

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

A type of attack aimed at exploiting vulnerability that is present in already released software but unknown to the software developer is known as:

A) On-path attack
B) IV attack
C) Zero-day attack
D) Replay attack

A

C) Zero-day attack

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Malware that restricts access to a computer system by encrypting files or locking the entire system down until the user performs requested action is called:

A) Grayware
B) Adware
C) Ransomware
D) Spyware

A

C) Ransomware

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

A Trojan horse is a type of software that performs harmful actions under the guise of a legitimate and useful program. The most characteristic feature of Trojan horse is that while it may function as a legitimate program and possess all the expected functionalities, it also contains a concealed portion of malicious code that the user is unaware of.

A) True

B) False

A

A) True

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Which type of Trojan enables unauthorized remote access to a compromised system?

A) APT
B) RAT
C) MaaS
D) PUP

A

B) RAT

17
Q

A standalone malicious computer program that typically propagates itself over a computer network to adversely affect system resources and network bandwidth is referred to as:

A) Worm
B) Fileless virus
C) Bot
D) Logic bomb

A

A) Worm

18
Q

Malicious software collecting information about users without their knowledge/consent is known as:

A) Cryptomalware
B) Adware
C) Ransomware
D) Spyware

A

D) Spyware

19
Q

Which of the answers listed below refer to the characteristic features of bloatware? (Select 3 answers)

A) Pre-installed on a device by the device manufacturer or retailer

B) Generally considered undesirable due to negative impact on system performance

C) Installed without user consent

D) Can be pre-installed, downloaded, or bundled with other software

E) Generally considered undesirable due to negative impact on system performance, privacy, and security

A

A) Pre-installed on a device by the device manufacturer or retailer

B) Generally considered undesirable due to negative impact on system performance

C) Installed without user consent

20
Q

Which of the following answers refer to the characteristics of a PUP? (Select 3 answers)

A) Often installed without clear user consent

B) Can be pre-installed, downloaded, or bundled with other software

C) Generally considered undesirable due to negative impact on system performance, privacy, and security

D) Pre-installed on a device by the device manufacturer or retailer

E) Generally considered undesirable due to negative impact on system performance

A

A) Often installed without clear user consent

B) Can be pre-installed, downloaded, or bundled with other software

C) Generally considered undesirable due to negative impact on system performance, privacy, and security

21
Q

Which of the statements listed below apply to the definition of a computer virus? (Select 3 answers)

A) A self-replicating computer program containing malicious segment

B) Malware that typically requires its host application to be run to make the virus active

C) A standalone malicious computer program that replicates itself over a computer network

D) Malware that can run by itself without any interaction

E) Malicious code that typically attaches itself to an application program or other executable component

F) A self-contained malicious program or code that does need a host to propagate itself

A

A) A self-replicating computer program containing malicious segment

B) Malware that typically requires its host application to be run to make the virus active

E) Malicious code that typically attaches itself to an application program or other executable component

22
Q

Which of the following is an example of spyware?

A) Keylogger
B) Vulnerability scanner
C) Computer worm
D) Packet sniffer

A

A) Keylogger

23
Q

Malicious code activated by a specific event is called:

A) Cryptomalware
B) Backdoor
C) Rootkit
D) Logic bomb

A

D) Logic bomb

24
Q

Which of the following answers refers to a collection of software tools used by a hacker to mask intrusion and obtain administrator-level access to a computer or computer network?

A) Rootkit
B) Spyware
C) Backdoor
D) Trojan

A

A) Rootkit

25
Q

The term “RFID cloning” refers to copying the data stored on any RFID-enabled device (including tags, cards, key fobs, implants, and other objects embedded with RFID technology) onto another RFID-enabled device, which then can be read and used in the same way as the original tag. While RFID cloning can be utilized for legitimate purposes, such as replicating important tags for backup and testing purposes, it also poses significant security risk, as duplicate tags can potentially be used for gaining unauthorized access or unauthorized information disclosure.

A) True

B) False

A

A) True

CompTIA Security+ Certification Exam Studying 2 (12 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions