Quiz March 5th

Question 1

Which penetration-testing concept compromises one system so that it can be used to attack another system?

Answer 1

Pivot

Question 2

You need to list conditions that might indicate a hacker is attacking a network. Which of the following should you include?

Answer 2

A major increase in ICMP traffic

Question 3

Your organization is using a STIX/TAXII client to review cyber threat indicators provided by an ISAC. What is the MOST likely source of this information?

Answer 3

AIS - Automated Indicator Sharing

Question 4

NA

Question 5

What is vishing?

Answer 5

A special type of phishing that uses Voice over IP (VoIP)

Question 6

You have decided to attach a digital timestamp to a document that is shared on the network. Which attack does this prevent?

Answer 6

A replay attack

Question 7

You need to explain to personnel a cross-site request forgery (CSRF) attack occurs. Which of the following best describes this attack?

Answer 7

When unauthorized commands are executed on a Web server by a trusted user

Question 8

You need to educate several members of management regarding the susceptibility of passwords to attacks. To which attacks are passwords susceptible

Answer 8

Dictionary, Sniffing, Brute Force, Social Engineering

Question 9

A user reports that she is unable to access a file server. You discover that there are numerous open connections on the file server from several servers and routers. Which type of attack has affected the file server?

Answer 9

Denial-of-service (DoS) attack

Question 10

A member of management recently read an article about an attack that involved the use of multiple computers with purpose of denying legitimate access to a critical server. Which type of attack was being discussed?

Answer 10

Distributed denial-of-service (DDoS) attack

Question 11

What is tailgating?

Answer 11

Following an authorized user through aa restricted entrance

Question 12

Your organization recently experienced a cross-site scripting (XSS) attack. In which situation does XSS pose the most danger

Answer 12

User accesses a financial organization’s site using his or her login credentials

Question 13

How is syslog used?

Answer 13

Holds event messages that are valuable for troubleshooting both security and performance issues

Question 14

Which research source can help in discovering new vulnerabilities and potential threats in existing Internet standards?

Answer 14

RFCs –> Request for Comments

Question 15

Which of these vulnerabilities could be created by a user who installs a SOHO router?

Answer 15

Default Configuration

Question 16

You need to ensure that resources are only allocated when they are needed. Which secure coding technique should you use?

Answer 16

Provisioning and deprovisioning

Question 17

Your company recently discovered that an attacker carried out an exhaustive password attack. Which type of password attack is often referred to as this?

Answer 17

Brute Force attack

Question 18

An application that your company developed is susceptible to buffer overflows. Which type of vulnerability is demonstrated by them?

Answer 18

Improper input handling

Question 19

Recently, an attacker tricked a user into believing he was selecting a button to direct him to a legitimate web site, but that button actually took him to another site. Which type of attack occurred?

Answer 19

Clickjacking

Question 20

Which of the following scenarios describes a man-in-the-browser (MitB) attack?

Answer 20

When users attempt to access a legitimate website, they are instead redirected to a malicious website

Question 21

The cafe in the student center of a university established contactless payment by printing QR codes on its menus. One day the menus have new QR codes printed on stickers replaced by old codes. Which social engineering principle made this a successful attack?

Answer 21

Trust

Question 22

After troubleshooting an issue on a Windows computer, the IT technician determines that the computer has been infected by a platform-independent virus that was written in an application’s language and is capable of infecting any files using that language. Which virus is present?

Answer 22

Macro Virus

Question 23

You discover that a malicious program has been installed on several host computers on your network. This program’s execution was remotely triggered. Of what is this an example?

Answer 23

Botnet

Question 24

NA

Question 25

You need to protect against database injection attacks. Which of the following should you use?

Answer 25

Stored Procedures

Question 26

As part of your monthly report, you must classify specific vulnerabilities into a broad range of vulnerability types. Which type of vulnerability is demonstrated by an SQL injection?

Answer 26

Improper input handling

Question 27

Which of the following best describe the phrase “threat hunting”?

Answer 27

Discovering threats that have bypassed your existing security mechanisms

Question 28

Management has asked that software developers take the appropriate actions to avoid buffer overflows. What is the BEST method to do so?

Answer 28

Execute a well-written program

Question 29

A hacker has used a design flaw in an application to obtain unauthorized access to the application. Which type of attack has occurred?

Answer 29

Escalation of privileges

Question 30

An attack occurred in which an attacker impersonated the identity of another host to gain access to privileged resources that are typically restricted. Which type of attack occurred?

Answer 30

Spoofing

Question 31

What is often the weakest link in the security chain and represents the largest vulnerability?

Answer 31

Untrained Users

Question 32

Your organization recently had a cross-site request forgery (CSRF) attack. What is another name for this attack?

Answer 32

Session Riding

Question 33

Why is it important to evaluate your supplier’s security policies when considering risks to the business?

Answer 33

The supply chain could be an attack vector to your business

Question 34

Gaining physical unauthorized access to the data center by using another user’s credentials is an example of which option?

Answer 34

Piggybacking

Question 35

As your organization’s security officer, you are currently completing audits to ensure that your security settings meet the established baselines. In which phase of the security management life cycle are you engaged?

Answer 35

Operate and Maintenance

Question 36

Management is concerned that applications have been developed using poor programming processes. Which of these issues may result from this?

Answer 36

Buffer overflow, Memory leak, Pointer dereference, Integer overflow

Question 37

Which of these options would be included in a scan to identify a common misconfiguration?

Answer 37

Router Admin Password

Question 38

You are investigating a point-of-sale (POS) terminal to verify that financial information will be protected. Which one of the following signs indicates a potential skimmer is installed?

Answer 38

A bulky casing is installed over the card reader

Question 39

Which internet-based threat intelligence source is hidden from search engines and indexes and is used by privacy advocates and criminals alike?

Answer 39

Dark Web

Question 40

Which option includes verifying appropriate access controls, authentication controls, input validation, and proper logging, among others?

Answer 40

Identifying a lack of security controls

Question 41

NA

Question 42

A hacktivist group claims responsibility for infecting a manufacturer’s systems by planting an infected USB drive at the companies office. Which term describes this attack strategy?

Answer 42

Supply Chain

Question 43

In this social engineering principle, the attacker attempts to trick personnel into releasing information by proving that is is fine to release the information based on the actions of others

Answer 43

Consensus

Question 44

You have recently been notified by an application vendor that the application includes a rootkit. The manufacturer has released a patch that will remove the vulnerability from the application. What is a rootkit?

Answer 44

A collection of programs that grants a hacker administrative access to a computer or network

Question 45

Which of these vulnerabilities is characterized by a user modifying a browser’s security settings to make it more convenient to visit web sites?

Answer 45

Misconfiguration/weak configuration

Question 46

Management at your company has recently learned of brute force attacks that were experienced by competitors. They have asked you to make a presentation of these attacks. What is an example of a brute force attack?

Answer 46

Using a program to guess passwords from a SAM file

Question 47

You need to ensure that backdoor applications are not installed on any devices in your network. Which tool is NOT a backdoor application?

Answer 47

Nessus

Question 48

How does using a syslog server make processing more effecient?

Answer 48

A syslog server makes it easier to coordinate events and combine information into a single log

Question 49

An attacker carried out an IP spoofing that included saturating your network with ICMP messages. Which attack occurred?

Answer 49

smurf

Question 50

As your organization’s security administrator, you are reviewing the audit results to assess if your organization’s security baselines are maintained. In which phase of the security management life cycle are you engaged?

Answer 50

Monitor and Evaluate

Question 51

NA

Question 52

A hacker has called a company employee and learned the employee’s user name and password by posing as a member of corporate technical support. Which type of attack has the company suffered?

Answer 52

Social Engineering

Question 53

Which types of computers are targeted by RedPill and Scooby Doo attacks?

Answer 53

Virtual Machines

Question 54

NA

Question 55

You are describing attacks that specifically target virtual machines in cloud-based deployment environments. Which of the following is an example of a virtual machine attack?

Answer 55

Hyperjacking

Question 56

You work for a small company that stores password files on an authentication server. To which type of attack are these files vulnerable?

Answer 56

A dictionary attack

Question 57

NA

Question 58

What is the goal when you passively test security controls?

Answer 58

Probing for weaknesses

Question 59

While holding security awareness training for employees, you discuss a security threat that often uses tracking cookies to collect and report on a user’s activities. Which threat are you discussing?

Answer 59

Spyware

Question 60

A man wearing a service provider’s coveralls and carrying a toolbox approaches your facilities security guard. He says that his work crew is running some new Ethernet cable inside your office, but he left his mobile phone at home, so he can’t call his crew to let him in. Which social engineering attack techniques were used?

Answer 60

Pretexting, Impersonation

Question 61

You have just been hired as the systems administrator for a research and development firm. Your organization allows the employees to use social media at work. What particular concern should you voice to management?

Answer 61

Data Exfiltration

Question 62

Which SIEM feature would be best for long-term storage and security?

Answer 62

Logs/WORM

Question 63

Which threat actor type would most likely have the most resources available?

Answer 63

Nation States

Question 64

Which of the following is the best description of a zero-day exploit?

Answer 64

An attack that exploits a security vulnerability on the day the vulnerability becomes generally known

Question 65

Your company contracts with a third-party janitorial service to clean the offices every night. Which one of these policies presents the greatest risk to the organization if it is NOT implemented?

Answer 65

Clean Desk Policy

Question 66

Which team is responsible for taking on the role of an attacker during the simulation of a security incident?

Answer 66

Red Team

Question 67

You are describing how multiple techniques can be applied in a single attack. Which type of attack combines IP spoofing with the act if inserting malicious code in packets?

Answer 67

Man-in-the-middle

Question 68

NA

Question 69

You have discovered that hackers are gaining access to your WEP wireless network. After researching, you discover that the hackers are using war driving. You need to protect against this type of attack. What should you do?

Answer 69

Configure the network to use WPA or WPA2, Change the default Service Set Identifier (SSID), Configure the network to use authenticated access only, Disable SSID broadcast

Question 70

Management is worried about an evil twin. Which of the following BEST describes this entity?

Answer 70

An access point with the same SSID as the legitimate access point

Question 71

You need to ensure that your companies anti-virus application protects against viruses that include protective code that prevents outside examination of critical elements. Which type of virus is this?

Answer 71

Armored Virus

Question 72

NA

Question 73

Your organization recently experienced an XSS attack. What is the best protection against this type of attack?

Answer 73

Disable the running of scripts

Question 74

Which type of test relies heavily on automated scanning tools and reporting?

Answer 74

Vulnerability Test

Question 75

Which threat actor type can be characterized by having an unsophisticated skill level, using widely available tools, and being often motivated by the need that they can prove that they can do it?

Answer 75

Script Kiddies

Question 76

As part of your companies comprehensive vulnerability scanning policy, you decide to perform a passive vulnerability scan on one of your companies subnetworks. Which statement is true of this scan?

Answer 76

It impacts the hosts and network less than other scan types

Question 77

Which type of attack relies on mistakes made by users when they input Web addresses

Answer 77

URL Highjacking

Question 78

NA

Question 79

Which team is responsible for debriefing both attackers and defenders after an attack simulation?

Answer 79

Purple Team

Question 80

You are exploring the attack surface of a Windows 10 host. Which scripting environment is an automation standard for modern Windows systems?

Answer 80

PowerShell

Question 81

You are exploring the attack surface of a Linux host. Which scripting environment is an automation standard for most Linux/Unix systems?

Answer 81

Bash

Question 82

Which type of state-sponsored attack targets another states critical vulnerabilities in cyberspace, so as to weaken that state’s governance or sow dissent throughout its populace

Answer 82

Hybrid Warfare

Question 83

Your company underwent an attack that involved an attacker injecting a command to access the underlying file system. Which type of attack occurred

Answer 83

Directory Traversal

Question 84

Microsoft releases a notification to all users that a vulnerability has been recently discovered in SQL. Server 2017 (version 14.0) that could allow an attacker to control your computer remotely. They are working on a fix, but do not have a workaround available. Which term best describes this risk?

Answer 84

Zero-day Vulnerability

Question 85

A use notifies you that a software application displays advertisements while the application is executing. Of which security threat is this an example?

Answer 85

Adware

Question 86

Your organization uses several applications that are considered to be multithreaded. Which memory vulnerability is associated with these application?

Answer 86

Race Condition

Question 87

Your company has recently implemented a content inspection application on a perimeter firewall. What is the purpose of content inspection?

Answer 87

To search for malicious code or behavior

Question 88

Your organization has asked the security team to add terrorist attacks to the organization’s business continuity plan. Which type of threat does this most likely represent?

Answer 88

Politically motivated threat

Question 89

NA

Question 90

Which type of threat involves a highly skilled group of attackers that keep their presence hidden, so that they can continually exploit their targets?

Answer 90

APT