Practice Questions 109-120 Flashcards
Management wants to ensure that employees do not print any documents that include customer or employee PII. Which solution would meet this goal? A. HSM B. TPM C. VLAN D. DLP
Data Loss Prevention (DLP) can detect documents sent to a printer that contain personally identifiable information (PII) and prevent them from printing.
A tech company recently discovered an attack on its organization, resulting in a significant data breach of customer data. After investigating the attack, they realized it was very sophisticated and likely originated from a foreign country. Which identifies the MOST likely threat actor of this attack? A. Hacktivist B. APT C. Competitors D. Insiders
An advanced persistent threat (APT), because it was a sophisticated attack and originated from a foreign country.
A recent antivirus scan on a server detected a Trojan. A technician removed the Trojan, but a security administrator expressed concern that unauthorized personnel might be able to access data on the server. The security administrator decided to check the server further. Of the following choices, what is the administrator MOST likely looking for on this server? A. Backdoor B. Logic Bomb C. Rootkit D. Botnet
A backdoor because Trojans commonly create backdoors and backdoors allow unauthorized personnel to access data on the system.
Users in your organization have reported receiving a similar email from the same sender. The email included a link, but after training on emerging threats, all the users chose not to click the link. Security investigators determined the link was malicious and was designed to download ransomware. Which BEST describes the email? A. Phishing B. Spear phishing C. Spam D. Vishing
The email was a form of spear phishing because it is targeting users in the same organization.
An organization's security policy requires employees to place all discarded paper documents in containers for temporary storage. These papers are later burned in an incinerator. Which of the following attacks are these actions MOST likely trying to prevent? A. Shoulder surfing B. Tailgating C. Vishing D. Dumpster diving
Dumpster diving is the practice of looking for documents in trash dumpsters, but shredding or incinerating documents ensures dumpster divers cannot retrieve any paper documents.
Your local library is planning to purchase new computers that patrons can use for Internet research. Which are the BEST choices to protect these computers? Select 2. A. Mantrap B. Anti-malware software C. Cable locks D. Disk encryption
Anti-malware software and cable locks are the best choices. Anti-malware software protects the systems from viruses and other malware. The cable locks deter theft of the computers.
You are troubleshooting an intermittent connectivity issue with a web server. After examining the log, you identify repeated connection attempts from various IP addresses. You realize these connection attempts are overloading the server, preventing it from responding to other connections. Which is MOST likely occurring? A. DDoS attack B. DoS attack C. Amplification attack D. Salting attack
A distributed denial-of-service (DDoS) attack comes from multiple systems with the goal of depleting the target’s resources, and this scenario indicates multiple connection attempts from different IP addresses.
You are reviewing security controls and their usefulness. You notice that account lockout policies are in place. Which attacks will these policies thwart? Select 2. A. DNS poisoning B. Replay C. Brute force D. Buffer overflow E. Dictionary
Brute force and dictionary attacks attempt to guess passwords, but an account lockout control locks an account after the wrong password is guessed too many times.
Security analysts recently discovered that users in your organization are inadvertently installing malware on their systems after visiting the comptai.org website. Users have a legitimate requirement to visit the comptia.org website. Which is MOST likely the explanation for this activity? A. Smurf B. Typo squatting C. Fuzzing D. Replay
Typo squatting (URL hijacking) uses a similar domain name to redirect traffic. In this scenario, the last two letters in Comptia are swapped in the malicious domain name, and the system is attempting to download malware onto the user's system.
An attacker recently attacked a web server hosted by your company. After investigation, security professionals determined that the attacker used a previously unknown application exploit. Which best identifies this attack? A. Buffer overflow B. Zero-day attack C. Man-in-the-browser D. Session hijacking
Zero-day attacks take advantage of an undocumented exploit or an exploit that is unknown to the public.
While reviewing logs for a web application, a developer notices that it has crashed several times reporting a memory error. Shortly after it crashes, the logs show malicious code that isn't a part of a known application. Which is MOST likely occurring? A. Buffer overflow B. ARP poisoning C. Privilege escalation D. Replay
Buffer overflow attacks often cause an application to crash and expose system memory. Attackers then write malicious code into the exposed memory and use different techniques to get the system to run this code.