Domain 2 Threats, Vulnerabilities, and Mitigations Flashcards

1
Q

Which of the following terms best describes a type of software that disguises itself as legitimate software but contains malicious code that can compromise the security of a system?

A

Malware

2
Q

Which of the following best describes the concept of a “zero-day vulnerability”?

A

A vulnerability that is unknown to the software vendor and has no available patch.

3
Q

What is the primary goal of a “honeypot” in network security?

A

A deceptive system designed to attract and monitor malicious activity

4
Q

What is a common characteristic of a “man-in-the-middle” (MitM) attack?

A

The attacker intercepts and alters data between two parties without their knowledge.

5
Q

A security administrator has noticed several unauthorized access attempts to the organization’s internal systems. These attempts are often based on trying common username and password combinations. Which type of attack does this scenario most likely describe?

A

Brute-force attack

6
Q

A company’s web application was recently compromised, and customer data was stolen. The company’s cybersecurity team discovers that the attackers exploited a vulnerability in the application’s code to gain unauthorized access. What type of attack is this?

A

SQL injection attack

7
Q

An organization’s website has been receiving an unusually high volume of web traffic, which has made the site unresponsive. The traffic appears to be coming from various sources and seems to be overloading the server. What type of attack is this scenario indicating?

A

Denial of Service (DoS) attack

8
Q

What is the primary purpose of a Denial of Service (DoS) attack?

A

To disrupt or make a service unavailable to its users.

9
Q

An employee has lost their company-issued smartphone, and it contained sensitive corporate data. What kind of threat does this scenario illustrate?

A

Physical security breach

10
Q

A network administrator has implemented a firewall rule that allows only specific incoming traffic from trusted IP addresses and denies all other incoming traffic. What security principle does this rule exemplify?

A

Principle of least privilege

11
Q

Which attack involves a flood of connection requests with falsified IP addresses to overwhelm a server?

A

SYN Flood

12
Q

A company is conducting a security audit and penetration testing on its network to identify and rectify vulnerabilities before malicious actors can exploit them. What security practice is this organization following?

A

Security assessment

13
Q

An organization has set up a dedicated network segment for guest wireless access, which is isolated from its internal network. What security principle does this network segmentation align with?

A

Segmentation

14
Q

An organization is setting up a disaster recovery site in a geographically distant location from its primary data center. What type of disaster recovery strategy is this?

A

Hot site

15
Q

An attacker calls an employee, pretending to be a colleague from another department, and requests sensitive information to complete a report. What type of social engineering technique is this?

A

Impersonation

16
Q

An attacker poses as a delivery person, carrying a package for a company, and convinces an employee to let them into the building. Once inside, the attacker gains unauthorized access to the company’s network. What type of social engineering technique is this?

A

Tailgating

17
Q

An employee receives an email from what appears to be their company’s IT department. The email requests that the employee reset their email password due to a security breach. The email contains a link to a login page. What kind of threat is the employee facing?

A

Phishing attack

18
Q

During a penetration test, the tester attempts to gain unauthorized access to a system by exploiting known vulnerabilities without any prior knowledge of the target. What type of penetration testing technique is this?

A

Black-box testing

19
Q

A penetration tester uses a vulnerability scanner to identify known security issues in a target system. What phase of the penetration testing process does this action belong to?

A

Vulnerability analysis

20
Q

In a penetration test, tools and techniques are used to mimic an attacker trying to gain unauthorized access to a target system. What type of penetration testing is this?

A

Red teaming

21
Q

A security analyst discovers that a particular application does not properly manage its memory allocations, which can lead to data corruption and potentially execute arbitrary code. What potential application attack indicator is this situation most likely related to?

A

Buffer overflows

22
Q

An attacker intercepts a legitimate user’s request and resends it multiple times to manipulate the application into performing unintended actions. What potential application attack indicator does this situation most likely represent?

A

Replay attack

23
Q

A threat actor who is motivated by financial gain and often uses malicious software to encrypt a victim’s data and demand a ransom is typically referred to as:

A

A cybercriminal

24
Q

Which attack involves flooding a network with ICMP echo request packets sent to a broadcast address?

A

Smurf attack

25
Q

Which of the following threat vectors involves tricking individuals into revealing sensitive information or performing actions that compromise security?

A

Social engineering

26
Q

What is a common security concern associated with cross-site request forgery (CSRF) vulnerabilities?

A

Unauthorized data modification

27
Q

Which of the following encryption algorithms is considered the most secure and widely used for securing internet communications?

A

AES (Advanced Encryption Standard).

28
Q

In a recent high-profile cybersecurity incident, attackers targeted a multinational corporation’s executive team with personalized emails, tricking them into revealing sensitive company data and financial information. What type of attack is this scenario describing?

A

Whaling attack

29
Q

A security researcher discovered that a popular social media website had been compromised by attackers. The attackers had injected malicious code into the site, which infected the devices of users who visited the compromised pages. What type of attack is this scenario describing?

A

Watering hole attack

30
Q

A cybercriminal registers domain names that are similar to well-known banking websites but contain minor typographical errors. Users who mistype the URLs may be redirected to these fraudulent sites, leading to potential credential theft. What kind of attack is being depicted in this scenario?

A

Typosquatting attack

31
Q

An attacker goes through the company’s trash bins, searching for discarded documents, invoices, and other materials that might contain sensitive information. What kind of physical security threat does this scenario illustrate?

A

Dumpster diving

32
Q

A company’s security team discovered that a group of hackers had been scanning the organization’s network and systems, attempting to find vulnerabilities that could be exploited. This prelude to an attack is a classic example of which cybersecurity activity?

A

Reconnaissance

33
Q

Which attack aims to manipulate a website to redirect users to a fraudulent site that appears legitimate to steal their information?

A

DNS spoofing

34
Q

Which type of attack involves the modification or interception of communication between two parties without their knowledge?

A

Man-in-the-Middle (MitM)

35
Q

Which attack involves falsifying the origin of an email to make it appear as though it’s from a trusted source?

A

Spoofing

36
Q

What is the primary aim of a SQL injection attack?

A

Gaining unauthorized access to a database

37
Q

Which attack involves falsifying the origin of an email to make it appear as though it’s from a trusted source?

A

Spoofing

38
Q

What could be a potential indicator of a brute force attack on a network?

A

Repeated login attempts with different credentials

39
Q

Which team is primarily focused on the defense, prevention, and mitigation of security threats within an organization?

A

Blue-team

40
Q

Which team facilitates collaboration between red and blue teams to improve overall security measures within an organization?

A

Purple-team

41
Q

What is a risk associated with the use of default configurations on devices and applications?

A

Increased susceptibility to unauthorized access

42
Q

What best defines a USB drop attack?

A

Placing USB drives with malware in public areas to trick people into using them.

43
Q

In a busy coffee shop, customers connect to the public Wi-Fi network named “FreeCoffeeShopWiFi.” An attacker sets up a similar-looking access point named “FreeCoffeeShop_WiFi” to intercept traffic. What type of wireless attack is this scenario an example of?

A

Evil twin attack

44
Q

At a business conference, an attendee discovers their Bluetooth-enabled device has received unsolicited business card data from an unknown source. What kind of wireless attack might this scenario indicate?

A

Bluejacking attack

45
Q

In a public library, a hacker placed a device to capture wireless network traffic, allowing them to collect login credentials and personal information from users connecting to the library’s public Wi-Fi. What kind of wireless attack does this scenario represent?

A

Packet sniffing attack

46
Q

A small business recently conducted a vulnerability scan on its network and found multiple weaknesses in its web server, leaving it susceptible to SQL injection attacks. What should be the immediate response to address these vulnerabilities?

A

Implement security measures or patches to fix the SQL injection vulnerabilities.

47
Q

A user downloads and installs what appears to be a legitimate software application, but it contains hidden malicious code that compromises the security of the user’s system. What type of malicious software does this scenario describe?

A

Trojan

48
Q

During a network security assessment, the scanning tool flags an outdated software version as a high-severity risk. After manual investigation, it’s revealed that the software’s vulnerability has been patched. What type of detection is this likely to be?

A

False positive

49
Q

A piece of malicious software spreads across a network by exploiting vulnerabilities in software and making copies of itself on other devices. What type of malicious software does this scenario describe?

A

Worm

50
Q

A user unknowingly installs software on their computer that secretly monitors their online activities, records keystrokes, and sends this information to a remote server. What type of malicious software does this scenario describe?

A

Spyware