Incorrect Study Questions Flashcards

1
Q

Frank wants to verify that no unnecessary ports and services are available on his systems, but he cannot run a vulnerability scanner. What is his best option?

  1. Passive network capture to detect services
  2. Configuration review
A

configuration review

2
Q

Ahmed has hundreds of systems spread across multiple locations and wants to better handle the amount of data that they create. Which of the following two technologies can help?

  1. sentiment analysis and user behaviour analysis
  2. security monitoring and log collectors
  3. packet capture and log aggregation
  4. log aggregation and log collectors
A

4

3
Q

Frank finds that an attacker has used a vulnerability in a web app that his company runs and has then used that exploit to obtain root privileges on the web server. Which of the following types of attacks has he found?

Privilege escalation

cross-site scripting

A

Privilege escalation

4
Q

Which of the following types of penetration tests is being done when the tester is supplied with extensive knowledge of the target network?

Full disclosure

Known environment

A

Known environment

5
Q

Which of the following are the two most common goals of invoice scams?

Receiving money or stealing cryptocurrency

Receiving money or acquiring credentials

A

receiving money or acquiring credentials

6
Q

What browser feature is used to help prevent successful URL redirection attacks?

displaying the full real URL

cert expiration tracking

enabling javascript

disabling cookies

A

displaying the full real URL

7
Q

Which of the following types of attacks is an SSL stripping attack?

Downgrade attack

on-path attack

A

on-path attack

8
Q

A penetration tester calls a staff member for her target organization and introduces herself as a member of the IT team. She inquires if the staff member has addressed a problem with their system, then proceeds to ask for details about the individual, claiming she needs to verify that she is talking to the right person. Which of the following types of social engineering attack is this?

watering hole

pretexting

shoulder surfing

prepending

A

pretexting

  • Social engineering type that involves using a false motive and lying to obtain information
9
Q
A