IT0201 REVIEWER Flashcards
What type of attack occurs when data goes beyond the memory areas allocated to an application?
RAM spoofing
Buffer overflow
RAM injection
SQL injection
Buffer overflow
Which of the following statements describes a distributed denial of service (DDoS) attack?
A botnet of zombies, coordinated by an attacker, overwhelms a server with DoS attacks
An attacker sends an enormous quantity of data that a server cannot handle
An attacker monitors network traffic to learn authentication credentials
One computer accepts data packets based on the MAC address of another computer
A botnet of zombies, coordinated by an attacker, overwhelms a server with DoS attacks
Employees in an organization report that the network access is slow. Further investigation reveals that one employee downloaded a third-party scanning program for the printer.
What type of malware may have been introduced?
Worm
Trojan horse
Phishing
Spam
Worm
Employees in an organization report that they cannot access the customer database on the main server. Further investigation reveals that the database file is now encrypted. Shortly afterward, the organization receives a threatening email demanding payment for the decryption of the database file.
What type of attack has the organization experienced?
Man-in-the-middle attack
Ransomware
Trojan horse
DoS attack
Ransomware
A penetration test carried out by an organization identified a backdoor on the network. What action should the organization take to find out if their systems have been compromised?
Look for unauthorized accounts
Scan the systems for viruses
Look for policy changes in Event Viewer
Look for usernames that do not have passwords
Look for unauthorized accounts
What non-technical method could a cybercriminal use to gather sensitive information from an organization?
Pharming
Social engineering
Ransomware
Man-in-the-middle
Social engineering
A secretary receives a phone call from someone claiming that their manager is about to give an important presentation but the presentation files are corrupted.
The caller sternly asks that the secretary email the presentation right away to a personal email address. The caller also states that the secretary is being held personally responsible for the success of this presentation.
What type of social engineering tactic is the caller using?
Familiarity
Trusted partners
Intimidation
Urgency
Intimidation
All employees in an organization receive an email stating that their account password will expire immediately and that they should reset their password within five minutes.
Which of the following statements best describes this email?
It is an impersonation attack
It is a piggyback attack
It is a hoax
It is a DDoS attack
It is a hoax
Which best practices can help defend against social engineering attacks?
Select three correct answers
Do not provide password resets in a chat window
Deploy well-designed firewall appliances
Resist the urge to click on enticing web links
Add more security guards
Educate employees regarding security policies
Enable a policy that states that the IT department should supply information over the phone only to managers
Do not provide password resets in a chat window
Resist the urge to click on enticing web links
Educate employees regarding security policies
What do you call an impersonation attack that takes advantage of a trusted relationship between two systems?
Spoofing
Man-in-the-middle
Spamming
Sniffing
Spoofing
A cybercriminal sends a series of maliciously formatted packets to a database server, which causes the server to crash.
What do you call this type of attack?
Packet injection
Man-in-the-middle
DoS
SQL injection
DoS
The awareness and identification of vulnerabilities is a critical function of a cybersecurity specialist. Which of the following resources can they use to identify specific details about vulnerabilities?
Infragard
NIST/NICE framework
ISO/IEC 27000 model
CVE national database
CVE national database
When considering network security, what is the most valuable asset of an organization?
financial resources
data
personnel
customers
data
Which resource is affected due to weak security settings for a device owned by the company, but housed in another location?
social networking
removable media
cloud storage device
hard copy
cloud storage device
Which Cisco group is responsible for investigating and mitigating potential vulnerabilities in Cisco products?
Cisco Talos Intelligence Group
Cisco Product Security Incident Response Team
Cybersecurity Infrastructure and Security Agency
National Cyber Security Alliance
Cisco Product Security Incident Response Team
What is an attack vector?
It refers to attacks carried out specifically by internal users.
It refers to a threat group that launches DDoS attacks.
It is a tool that a threat actor uses to attack an organization.
It is a path by which a threat actor can gain access to a server, host, or network.
It is a path by which a threat actor can gain access to a server, host, or network.
Match the common data loss vectors to the description.
Improper Access Control -
Email/Social Networking -
Unencrypted Devices -
Removable Media -
An employee could perform an unauthorized transfer of data to a USB drive. In addition, a USB drive containing valuable corporate data could be lost.
Intercepted email or IM messages could be captured and reveal confidential information.
If the data is not stored using an encryption algorithm, then the thief can retrieve valuable confidential data from a stolen corporate laptop.
Stolen passwords or weak passwords which have been compromised can provide an attacker easy access to corporate data.
Improper Access Control - Stolen passwords or weak passwords which have been compromised can provide an attacker easy access to corporate data.
Email/Social Networking - Intercepted email or IM messages could be captured and reveal confidential information.
Unencrypted Devices - If the data is not stored using an encryption algorithm, then the thief can retrieve valuable confidential data from a stolen corporate laptop.
Removable Media - An employee could perform an unauthorized transfer of data to a USB drive. In addition, a USB drive containing valuable corporate data could be lost.
Which term in network security is used to describe a potential danger to an asset such as data or the network itself?
Threat
Vulnerability
Risk
Exploit
Threat
Which statement describes the network security term attack surface?
It is the total sum of the vulnerabilities in each system that are accessible to an attacker.
It is the mechanism that is used to leverage a vulnerability to compromise an asset.
It is a weakness in a system or its design that could be exploited by a threat.
It is the likelihood that a particular threat will exploit a particular vulnerability of an asset and result in an undesirable consequence.
It is the total sum of the vulnerabilities in each system that are accessible to an attacker.
The IT department performs a thorough assessment of security posture for the company data center operation. The risk of potential loss or compromise of critical data is identified. In discussion with the management team, a decision is reached that the critical data should be replicated to a cloud service provider and further insured with an insurance company. Which risk management strategy is employed?
Risk avoidance
Risk transfer
Risk reduction
Risk acceptance
Risk transfer
Match the type of hackers to the description.
piece them together
Gray Hat Hackers -
Black Hat Hackers -
White Hat Hackers -
They are ethical hackers who use their programming skills for good, ethical, and legal purposes. They may perform network penetration tests to compromise networks and systems by using their knowledge of computer security systems to discover network vulnerabilities.
They are individuals who commit crimes and do arguably unethical things, but not for personal gain or to cause damage. An example would be someone who compromises a network without permission and then discloses the vulnerability publicly.
They are unethical criminals who violate computer and network security for personal gain, or for malicious reasons, such as attacking networks.
Gray Hat Hackers - They are individuals who commit crimes and do arguably unethical things, but not for personal gain or to cause damage. An example would be someone who compromises a network without permission and then discloses the vulnerability publicly.
Black Hat Hackers - They are unethical criminals who violate computer and network security for personal gain, or for malicious reasons, such as attacking networks.
White Hat Hackers - They are ethical hackers who use their programming skills for good, ethical, and legal purposes. They may perform network penetration tests to compromise networks and systems by using their knowledge of computer security systems to discover network vulnerabilities.
Which term refers to the type of threat actors who are either self-employed or working for large cybercrime organizations?
State-Sponsored
Hacktivists
Vulnerability brokers
Cybercriminals
Cybercriminals
Which statement describes the characteristics of the indicators of attack (IOA)?
They help cybersecurity personnel identify what has happened in an attack and develop defenses against the attack.
They are shared through the system AIS (Automated Indicator Sharing) and help to limit the size of the attack surface.
They focus on the motivation behind an attack and the potential means by which threat actors have, or will, compromise vulnerabilities to gain access to assets.
They focus on identifying malware files, IP addresses of servers that are used in attacks, filenames, and characteristic changes made to end system software, among others.
They focus on the motivation behind an attack and the potential means by which threat actors have, or will, compromise vulnerabilities to gain access to assets.
What are two reasons that internal threats from within an organization may cause greater damage than external threats? (Choose two.)
Internet users can easily conceal their attacking trails.
State-Sponsored hacking is typically carried out by internal users.
Internal users have direct access to the building and its infrastructure devices.
Internal users may have knowledge of the corporate network, its resources, and its confidential data.
Internal users have better access to attacking tools.
Internal users have direct access to the building and its infrastructure devices.
Internal users may have knowledge of the corporate network, its resources, and its confidential data.