N2K - Quiz - Threats, Vulnerabilities, and Mitigations Flashcards
An attacker carried out an IP spoofing attack that included saturating your network with ICMP messages. Which attack occurred?
A)SYN flood
B)smurf
C)brute force
D)on-path
smurf
Which of these vulnerabilities is often associated with cloud computing?
A)Outdated firmware
B)Legacy applications
C)End-of-life hardware
D)Resource reuse
Resource reuse
Which of the following mitigation techniques would include establishing, deploying, and then maintaining a standard configuration, such as an image?
A)Decommissioning
B)Installation of endpoint protection
C)Removal of unnecessary software
D)Configuration enforcement
Configuration enforcement
Management is worried about an evil twin. Which of the following BEST describes this entity?
A)signals about the wireless network marked on the outside of a building
B)cracking the WEP secret key using the initialization vector (IV)
C)an access point with the same SSID as the legitimate access point
D)an unauthorized access point
an access point with the same SSID as the legitimate access point
Which message-based attack vector is the platform responsible for launching over 90% of all attacks?
A)IM
B)Typo-squatting
C)SMS
D)Email
Which of the following is based on impersonating an executive in an organization, with the intent of convincing an employee to do something they shouldn’t?
A)Brand impersonation
B)Typo-squatting
C)Business email compromise
D)Misinformation
Business email compromise
What is the primary goal of buffer overflow attacks?
A)SQL injection
B)Malicious update
C)Memory injection
D)Cross-site scripting
Memory injection
A user supplies the proper credentials and logs in to a remote system from an offsite location in New York. Moments later, the same proper credentials are used to log in from a different offsite location, this time from Tokyo. What type of Indicator of Compromise does this represent?
A)Resource consumption
B)Blocked content
C)Impossible travel
D)Concurrent session usage
Impossible travel
You need to implement an independent network within your private LAN. Only users in the Research and Development department should be able to access the independent network. Which type of network should you deploy?
A)a VPN
B)an extranet
C)a DMZ
D)a VLAN
a VLAN
Where is steganography typically used?
A)As a removable device exploitation
B)In voice calls
C)In executable file-based attacks
D)In an image-based attack
In an image-based attack
Which of the following would most likely be the primary motivation for attacks conducted by organized crime?
A)Wartime agendas
B)Financial gain
C)Disruption and chaos
D)Revenge
Financial gain
Recently, while reviewing log data, you discover that a hacker has used a design flaw in an application to obtain unauthorized access to the application. Which type of attack has occurred?
A)buffer overflow
B)backdoor
C)maintenance hook
D)privilege escalation
privilege escalation
Which of the following physical attacks is exemplified by making a copy of an employee’s access badge?
A)Tampering
B)RFID cloning
C)Environmental attacks
D)Brute force
RFID cloning
Which of the following malware attacks is actually a collection of unwanted or unnecessary programs installed on a system?
A)Keylogger
B)Bloatware
C)Trojan
D)Rootkit
Bloatware
Which of the following supply chain elements are threat vectors? (Choose all that apply.)
A)Managed service providers
B)Software suppliers
C)Hardware suppliers
D)Third-party software dependencies
All
Management has recently become worried about DNS poisoning after reading an article about it. Which of the following BEST describes this attack?
A)the practice of many computers transmitting malformed packets to a DNS server to cause the server to crash
B)the practice of continually sending synchronization messages with spoofed packets to a DNS server
C)the practice of dispensing IP addresses and host names with the goal of traffic diversion
D)the practice of one computer transmitting malformed packets to a DNS server to cause the server to crash
the practice of dispensing IP addresses and host names with the goal of traffic diversion
A man wearing a service provider’s coveralls and carrying a toolbox approaches your facility’s security guard. He says that his work crew is running some new Ethernet cable inside your office, but he left his mobile phone at home, so he can’t call his crew to let him in. The security guard admits the man through your secured door. The following week you find an undocumented network device installed in a closet.
Which social engineering attack techniques were used? (Choose all that apply.)
A)Influence campaign
B)Identity fraud
C)Pretexting
D)Eliciting information
E)Impersonation
Pretexting
Impersonation
Recently, an attacker tricked a user into believing he was selecting a button to direct him to a legitimate web site, but that button actually took him to another site. Which type of attack occurred?
A)Amplification
B)Pass the hash
C)Clickjacking
D)Driver manipulation
Clickjacking
You are responsible for designing your company’s identification, authentication, and authorization system to ensure that the company’s network is protected from unauthorized access. What is the purpose of authentication on this network?
A)backing up data stored on hard disks
B)encrypting files
C)verifying the identity of users
D)allowing users to access resources
verifying the identity of users
Which of the following threat actor motivations is also known as a competition attack?
A)Espionage
B)Revenge
C)Philosophical beliefs
D)Ethical hacking
Espionage