Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

CompTIA security+ 701 > Exam 3 > Flashcards

Exam 3 Flashcards

1
Q

As part of new hire orientation, a software technician explores the makeup of the organization’s network infrastructure. When reviewing used network appliances and protocols, what provides a bridge between a cabled network and wireless hosts, or stations?

A

A. Wireless access point
B. Switch
C. Router
D. Transport protocol

A. Wireless access point

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

A software engineer is tasked with identifying vulnerabilities within the network architecture. When evaluating the use of a particular architecture and selection of controls, what should not be considered as part of architectural considerations?

A

A. Port security
B.Costs
C. Availability
D. Risk Transference

A. Port security

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

How can I protect my network from someone who wants to connect a rogue access point to it?

A

802.1x on a managed switch

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What type of attack interferes with my wireless network?

A

Jamming

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

My laptop had a virus, so I reinstalled the operating system and the virus came back. What type of attack is causing this?

A

Rootkit

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

My domain controller uses NTLM authentication. What type of attack makes it vulnerable?

A

Pass the Hash Attack

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What type of threat actor will try to steal your trade secrets so that they can manufacture your new product and get it to market before you can?

A

Competitor

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Someone goes to the dark web and purchases a program that he can modify to carry out an attack. What type of threat actor is the attacker?

A

Script kiddie

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

An attacker has just carried out an attack rendering a website unusable. When he has finished the attack, he then has to rush off, as he is going to attend a political rally. What type of threat actor is he?

A

Hacktivist

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What is the most difficult threat actor to detect and why?

A

Insider b/c they’re insider your network legitamately

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What type of virus produces a different hash as it replicates through your network?

A

Polymorphic virus

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

What type of attack can use a hidden password that has been in place since the application was installed?

A

Backdoor

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

What type of attack involves an agent attacking a high‐level executive calling them on a telephone and leaving a voicemail?

A

Vishing

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

What type of attack involves a huge fireman arriving in the reception area of your company and you letting him into your server room?

A

Social engineering with urgency

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

What type of attack involves downloading a performance-enhancing computer program that says that I have 20,000 exploits and that I should purchase the full version of the product to remove them?

A

Disguised ransomware

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

What type of attack collects passwords from your computer and sends them back to the hacker who then uses these passwords to gain access to your computer system?

A

RAT

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

What type of attack cannot be detected by a NIPS, NIDS, firewall, or a SIEM system, but can only be detected by using baselines?

A

Zero-day attack

18
Q

What type of attack is a stealth attack that tracks your internet habits and usage?

A

Spyware

19
Q

An employee leaves the company, then three months later, files are deleted from a file server, even though it has been isolated from the network. On investigation, it was found that the damage was caused by a script being launched. What type of attack was carried out?

A

Logic bomb

20
Q

What type of attack uses multiple popups as its attack vector?

A

Adware

21
Q

What type of attack infects a well‐known, trusted website where the users do not suspect anything?

A

Watering hole attack

22
Q

What type of attack is launched against a manager using email as its attack medium?

A

Phishing

23
Q

What type of attack is launched against managers using email as its attack medium?

A

Spear phishing

24
Q

A company is employing a third party to collect all of its shredded waste that will then be taken to a remote site and incinerated. What type of attack does this prevent?

A

Dumpster diving

25
Q

What type of attack is launched when you receive an email from the CEO threatening you with disciplinary action if you do not complete a form that was requested earlier by the human resources department (you don’t remember the earlier correspondence)?

A

Social engineering with authority

26
Q

You have just started working at the reception desk of a multinational corporation. During your induction period, one of the middle managers asks your coworker for some information. You are not too sure if he is entitled to that information. The next day, when your coworker has gone to lunch, the middle manager arrives asking you for the same information, this time updated a little. You don’t want to be seen as different from other employees, and so you give him the information. What type of attack has just been launched?

A

Social engineering with consensus

27
Q

The CEO has received an email asking him to click on a link and carry out an action so that his salary information can be updated, as the company is moving to a new financial system. What type of attack has just been launched?

A

Whaling

28
Q

What type of attack can be launched using HTML tags and/or JavaScript?

A

Cross-Site Scripting (XSS)

29
Q

Five seconds after connecting to the company’s wireless network, the sessions drop. What type of wireless attack have I been the victim of?

A

Disassociation attack

30
Q

A hacker has managed to gain access to my Bluetooth phone and has been texting all of my friends, announcing that I am going to get married next year. This information is false. What type of attack has just been carried out?

A

Bluejacking

31
Q

A hacker has managed to gain access to my Bluetooth phone and has been able to steal my contact information. What type of attack has been carried out?

A

Bluesnarfing

32
Q

What type of attack is an interception attack where the data has been replayed immediately?

A

Man-in-the-middle attack

33
Q

What type of attack is an interception attack where the data has been replayed at a later date?

A

Replay attack

34
Q

What types of attack might use port 1900 and port 5000? Name two.

A

Virus use port 1900; Worm use port 5000

35
Q

In the morning, I swipe my card and open the door to the main offices. I am about to close the door when I see a young lady struggling with a big box, and so I keep the door open for her. What type of attack has just occurred?

A

Social engineering tailgating

36
Q

The customer service desk receives a call from Frank, who says he is from the IT help desk. He says there is a glitch in the system, so they are having to change everyone’s passwords. I change my password and ask Helen from the HR department how long Frank has been working for the company. She says that she is not aware of someone called Frank who works at the help desk. What type of attack has just occurred?

A

Social engineering impersonation

37
Q

What type of attack is it when a group of infected computers attacks another computer to render it unusable?

A

DDoS Attack

38
Q

I went to the ATM to withdraw some cash to purchase a new pair of shoes from a local market stall that only accepts cash. I was unaware that the person standing behind me had taken his cell phone out and was using the video to record my transaction. What type of attack has been carried out?

A

Shoulder surfing

39
Q

An attacker has inserted too much data into a data field on a web form causing it to crash. What type of attack has just occurred?

A

Buffer Overflow

40
Q

My website traffic is being controlled by a load balancer that is ensuring that each web request is going to the least-utilized host. A DDoS attack is now being launched against the company websites. What is the best way to deal with this attack? Will the load balancer cope?

A

Firewall; No

41
Q

What type of attack uses the phrase 1=1? What are the two best solutions to prevent this attack?

A

SQL injections. Stored procedures and input validation.

42
Q

When I go to my local coffee shop, I am given the wireless network SSID and access code so I can use the internet while drinking coffee. When I sit down at my table, I notice that the SSID comes up, and when I connect to the wireless network, I am not asked for a password. What type of attack has just occurred?

A

Evil twin

CompTIA security+ 701 (10 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions