Domain 3.0 Threats and Vulnerabilities Flashcards
What level of privileges does a Trojan horse have in most corporate network environments?
A. Administrative
B. Normal user
C. System
D. No access
B. Normal user
Which of the following is a virus whose primary feature is its attempt to prevent anti-virus software from removing it?
A. armored
B. stealth
C. polymorphic
D. boot sector
A. armored
A logic bomb can be triggered by a number of events. Which of the following is likely not an example of a delivery mechanism used to plant a logic bomb?
A. Password guessing
B. Virus
C. System
D. Trojan horse
A. Password guessing
Which of the following is not a true statement?
A. Worms are self-replicating and do not need a host.
B. Worms always cause data corruption.
C. WORMS are a form of write once, read many storage device.
D. Worms do not need user activity to initiate.
B. Worms always cause data corruption.
Which of the following is not directly associated with man-in-the-middle attacks?
A. DNS poisoning
B. DDoS
C. Rogue proxy server
D. False HOSTS file
B. DDoS
DDoS - Distributed Denial of Service
DNS - Domain Name Service
A Smurf attack relies on what form of traffic to flood a victim?
A. UDP
B. TCP SYN packets
C. ICMP Type 0
D. Encrypted
C. ICMP Type 0
ICMP - Internet Control Message Protocol
UDP - User Datagram Protocol
TCP - Transmission Control Protocol
What is SPIM?
A. Serial Port Indicator Mechanism
B. Unwanted junk e-mail messages
C. A name resolver service
D. SPAM over IM
D. SPAM over IM
IM - Instant Messaging
SPAM - Something Posing As Mail???
What type of attack aims at redirecting traffic intended for a legitimate Web site to an illegitimate Web site?
A. Phishing
B. Pharming
C. Fraggle
D. SQL injection
B. Pharming
What is the social engineering tactic that grants an unauthorized person access to a secured area without consent of an authorized person?
A. Tailgating
B. War driving
C. Phishing
D. Piggybacking
A. Tailgating
What is vishing?
A. Virtualization hijacking
B. Phishing using a virus
C. VLAN based DOS attacks
D. VoIP based information gathering
D. VoIP based information gathering
What technology can use either the 2.4 or 5 GHz frequency ranges and can support theoretical throughputs of 600 Mbps when using 802.11 wireless networks?
A. WPA
B. 802.11n
C. MAC filtering
D. isolation
B. 802.11n
A hacker sets up a wireless access point in a vacant room next door to your office space. The wireless network supported by this unauthorized device has the same network name and base station MAC address as the authorized access point. What form of attack is the attacker using?
A. DHCP starvation
B. Bluejacking
C. Evil twin
D. Packet injection
C. Evil twin
When entering your office building from a side entrance, one that faces several outdoor restaurants, you notice markings on the wall. They look like circles with numbers and codes written nearby. What is this an indication of?
A. War chalking
B. Impersonation
C. Piggybacking
D. Firewall breach
A. War chalking
While away from the office for lunch, you connect your notebook to a free WiFi hotspot provided by the restaurant. You sit in a corner booth, latch the notebook to the table, and direct the screen so as to be visible only from your seating position. What security risk have you overlooked?
A. Snatch and grab
B. Shoulder surfing
C. Eavesdropping
D. Brownouts
C. Eavesdropping
The ability for a hacker to submit various constructions of commands and search expressions in order to interact with the back-end database supporting a Web site is commonly considered what form of attack?
A. Session hijacking
B. SQL injection
C. DDoS
D. Buffer overflow
B. SQL injection
SQL - Structured Query Language
Which type of attack would typically not result in an attacker gaining the direct ability to arbitrarily execute his own choice of code on a target or victim system?
A. SQL injection
B. Buffer overflow
C. Directory traversal
D. Deauthorization flooding
D. Deauthorization flooding
What form or type of attack is the most difficult to detect and block?
A. Scripting
B. Zero day
C. Input manipulation
D. Eavesdropping
B. Zero day
An attack which is transmitted to a target through an HTTP response that is not properly validated could result in page hijacking, cache-poisoning, cross-site scripting, cookie manipulation, and other compromises. What is this attack often classified as?
A. Header manipulation
B. Cookie hijacking
C. XML injection
D. Bluesnarfing
A. Header manipulation
All of the following are generally considered detection controls. However, which also has the added benefit of being a preventative control as well?
A. Security cameras
B. Perimeter breach detectors
C. Security guards
D. Proximity sensors
C. Security guards
Which of the following is not a technique to bypass physical key-based locks?
A. Shimming
B. Picking
C. Jittering
D. Bumping
C. Jittering
What type of proximity reader is able to generate its own electricity from the magnetic field generated by or near the receiver device?
A. RFID
B. Transponder
C. Passive device
D. Magnetic contact
A. RFID
RFID - Radio Frequency Identification
What risk assessment metric predicts the likelihood of a threat being realized within a given time frame?
A. Single Loss Expectancy
B. Exposure Factor
C. Annualized Rate of Occurrence
D. Acceptable Risk
C. Annualized Rate of Occurrence
The possibility of harm due to the lack of a protection or the failure of a countermeasure can be labeled as a?
A. Threat
B. Vulnerability
C. Exposure
D. Tolerance
B. Vulnerability
As a consumer of open source software, what is the best way you can defend against buffer overflow in deployed software that is essential to your organization’s work tasks?
A. Deploy current vendor patches
B. Perform a code review and add input limit checks
C. User training and awareness
D. Auditing activities of users and processes
B. Perform a code review and add input limit checks
After running a vulnerability assessment, you discovered several weaknesses. After applying patches and performing some reconfiguration, how can you check that your modifications are sufficient without risking damage or downtime?
A. Re-perform the vulnerability assessment
B. Restore the system image from a backup
C. Perform penetration testing
D. Check your transaction logs
A. Re-perform the vulnerability assessment
What form of testing will provide a client with the most realistic criminal perspective on the vulnerabilities of their security infrastructure?
A. Fuzzing
B. Black box testing
C. Vulnerability scanning
D. Malware simulation
B. Black box testing
A vulnerability scanner is the most appropriate tool for discovering what type of security issue?
A. Zero day vulnerabilities
B. Poor security policy design
C. Inappropriate use behavior
D. Known weaknesses
D. Known weaknesses