Security+ Practice Tests 1-5

Question 1

Registering a misspelled domain name in the hopes of getting traffic from unsuspecting users who type the URL in wrong.

Answer 1

URL hijacking
AKA typosquatting

Question 2

Attaching a piece of data to the beginning of another

Answer 2

Prepending

Question 3

A form of cyberattack that targets a group of users by infecting websites that they commonly visit.

Answer 3

Watering hole attack

Question 4

What is the platform for watering hole attacks?

Answer 4

Websites

Question 5

Where does a fileless virus reside?

Answer 5

RAM

Question 6

What is the function of a C2 server?

Answer 6

Botnet control

Question 7

A computer controlled by an attacker used to send commands to systems compromised by malware.

Answer 7

C2 (Command and Control) server

Question 8

Malware that restricts access to a computer system by encrypting data.

Answer 8

Cryptomalware

Question 9

A type of trojan that enables remote access to a compromised system.

Answer 9

RAT (Remote Access Trojan)

Question 10

A collection of software tools used by a hacker to mask intrusion and obtain administrator-level access to a computer or computer network.

Answer 10

Rootkit

Question 11

Which attack uses a short list of commonly used passwords tried against a large number of user accounts?

Answer 11

Spraying attack

Question 12

The practice of making an unauthorized copy of a payment card.

Answer 12

Cloning

Question 13

An AI feature that enables it to accomplish tasks based on training data without explicit human instructions.

Answer 13

ML (machine learning)

Question 14

When a hashing algorithm produces the same hash value for two distinct pieces of data.

Answer 14

Hash collision.

Question 15

A cryptographic attack that forces a network protocol to revert to its older, less secure version.

Answer 15

Downgrade attack

Question 16

A means of restricting access to system resources based on the sensitivity of the information and the clearance of users to access information of such sensitivity.

Answer 16

MAC (Mandatory Access Control)

Question 17

Which attack would use this string?:

SELECT * FROM users WHERE userName=’Alice’ AND password =” OR ‘1’=’1’;

Answer 17

SQL injection

Question 18

A collection of precompiled functions designed to be used by more than one Microsoft Windows application simultaneously to save system resources.

Answer 18

DLL (dynamic link library)

Question 19

A type of application attack that relies on executing a library of code.

Answer 19

DLL injection

Question 20

Which type of attack would use these bits of string?:

Administrator)&))
Search.aspx?name=username)(zone=*)

Answer 20

LDAP injection attack

Question 21

A vulnerability in which queries are constructed from untrusted input without proper validation or sanitization.

Answer 21

LDAP injection

Question 22

A protocol that makes it possible for applications to query user information.

Answer 22

LDAP (lightweight directory access protocol)

Question 23

Which type of attack would use this string?

…p@$$w0rd</password></user><user><name>attacker</name></user>

Answer 23

XML injection attack

Question 24

A language format that’s commonly used for storing, transmitting, and reconstructing data.

A software- and hardware-independent tool for storing and transporting data.

Answer 24

XML (extensible markup language)

For example:

<note>
<to>Tove</to>
<from>Jani</from>
<heading>Reminder</heading>
<body>Don't forget me this weekend!</body>
</note>

Question 25

A category of vulnerabilities where an application doesn’t correctly validate/sanitize user input before using it in an XML document or query.

Answer 25

XML injection

Question 26

A malicious attempt to trick a web application into displaying the contents of a directory other than the one requested by the user and gain access to sensitive files on a server.

Answer 26

Directory traversal attack
AKA dot-dot-slash attack

Question 27

Which type of attack would use these URLs?:

http://www.example.com/var/../etc/passwd
http://www.example.com/var/www/../../../etc/passwd
http://www.example.com/var/www/files/../../../etc/passwd
http://www.example.com/var/www/files/images/../../../../etc/passwd

Answer 27

Directory traversal attack
AKA dot-dot-slash attack

Question 28

A type of exploit that relies on overwriting contents of memory to cause unpredictable results in an application.

Answer 28

Buffer overflow

Question 29

A situation in which an application writes to an area of memory it’s not supposed to have access to.

Answer 29

Buffer overflow

Question 30

A malfunction in a preprogrammed sequential access to a shared resource.

Answer 30

Race condition

Question 31

An undesirable situation that occurs when a device or system attempts to perform two or more operations at the same time, but because of the nature of the device or system, the operations must be done in the proper sequence to be done correctly.

Answer 31

Race condition

Question 32

A vulnerability caused by race conditions.

Answer 32

TOCTOU (time-of-check time-of-use)

Question 33

A class of software bugs caused by a race condition involving the checking of the state of a part of a system and the use of the results of that check.

Answer 33

TOCTOU (time-of-check time-of-use)

Question 34

When software checks the state of a resource before using that resource, but the resource’s state changes between the check and the use in a way that invalidates the results of the check.

Answer 34

TOCTOU (time-of-check time-of-use)

Question 35

The average time between system breakdowns.

Answer 35

MTBF (mean time between failures)

Question 36

The average amount of time a non-repairable asset operates before it fails.

Answer 36

MTTF (mean time to failure)

Question 37

Which 2 programming aspects are critical to secure application development processes?

Answer 37

Input validation
Error and exception handling

Question 38

A situation in which a web form field accepts data other than expected

Answer 38

Improper input validation

Question 39

A countermeasure against code injection

Answer 39

Input validation

Question 40

When an attacker intercepts sensitive user data and resends it to the receiver with the intent of gaining unauthorized access or tricking the receiver into unauthorized operations.

Answer 40

Network replay attack

Question 41

When an attacker steals a valid session ID of a user and resends it to the server with the intent of gaining unauthorized access or tricking the server into unauthorized operations.

Answer 41

Session replay attack

Question 42

A programming error where an application tries to store a numeric value in a variable that’s too small to hold it.

Answer 42

Integer overflow

Question 43

A type of exploit that allows an attacker to take control over a server and use it as a proxy for unauthorized actions.

Answer 43

SSRF (server side request forgery)

Question 44

An attack where an attacker executes arbitrary JavaScript within the browser of a victim user.

Answer 44

XSS (cross-site scripting)

Question 45

An attack where an attacker induces a victim user to perform actions that they do not intend to.

Answer 45

XSRF (cross-site request forgery)
AKA CSRF

Question 46

What enables the exchange of information between computer programs?

Answer 46

API (application programming interface)

Most web APIs sit between the application and the web server. The user initiates an API call that tells the application to do something, then the application will use an API to ask the web server to do something.

Question 47

What is the purpose of a DoS attack?

Answer 47

Resource exhaustion

Question 48

A situation in which an application fails to properly release memory allocated to it or continually requests more memory than required.

Answer 48

Memory leak

Question 49

SSL stripping is a type of what two attacks?

Answer 49

Downgrade attack
On-path attack

Question 50

An attack performed by a malicious user that leads to a downgrade from an HTTPS secure connection to a less secure encrypted HTTP connection. As a result, the whole web connection is not encrypted anymore.

Answer 50

SSL stripping

Question 51

An attack where an attacker sits in the center between two stations and can catch and sometimes change the data that is being sent across the organization.

Answer 51

On-path attack
MITM attack

Question 52

An attack that seeks to cause a connection, protocol, or cryptographic algorithm to drop to an older and less secure version.

Answer 52

Downgrade attack
AKA version rollback attack
AKA bidding-down attack

Question 53

A software/hardware driver manipulation technique. A cyberattack technique that allows an attacker to alter the external behavior of an application without introducing any changes to the application’s code.

Answer 53

Shimming

Question 54

SDK stands for:

Answer 54

Software development kit

Question 55

Installing software obtained from a third-party source rather than an official retailer.

Answer 55

Sideloading

Question 56

A software/hardware driver manipulation technique. The practice of modifying an application’s code without changing its external behavior.

Answer 56

Refactoring

Question 57

The process of a client application submitting a request to an API and that API receiving the requested data from the external server or program and delivering it back to the client.

Answer 57

API call

Question 58

2 methods that refer to software/hardware driver manipulation techniques.

Answer 58

Refactoring
Shimming

Question 59

A technique that allows an attacker to authenticate to a remote server without extracting cleartext passwords from a digest.

Answer 59

Pass the hash.

Question 60

The term that refers to a rogue WAP set up for eavesdropping or stealing sensitive user data.

This rogue WAP replaces the legitimate access point and by advertising its own presence with the same SSID (network name) appears as a legitimate access point to connecting hosts.

Answer 60

Evil twin

Question 61

Gaining unauthorized access to a Bluetooth device.

Answer 61

Bluesnarfing

Question 62

The practice of sending unsolicited messages over Bluetooth.

Answer 62

Bluejacking

Question 63

A wireless disassociation attack is a type of which 2 attacks?

Answer 63

Deauthentication attack
DoS attack

Question 64

An attack that sends forged deauthentication frames to a WAP or client device, causing the device to disconnect from the network.

Answer 64

Wireless deauthentication attack

Question 65

An attack that sends forged disassocation frames to a WAP, causing the device to no longer be associated to the WAP.

The client can still be authenticated to a previously associated network, and they may send reassociation requests to the network they were disconnected from to resume connection.

Answer 65

Disassociation attack.

Question 66

Wireless jamming is a type of which attack?

Answer 66

DoS attack

Question 67

An attack in which an attacker transmits interfering wireless signals to decrease the signal-to-noise ratio at the receiving device.

Answer 67

RF (radio frequency) jamming

Question 68

An attack in which an attacker sends random bits of data over a network to use up the bandwidth. This attack may happen intermittently, constantly, or by targeting times in which one individual is attempting to communicate.

Answer 68

Wireless jamming

Question 69

A wireless technology that enables identification and tracking of tags attached to objects.

Answer 69

RFID

Question 70

A type of identification badge that can be held within a certain distance of a reader device to authenticate its holder.

Answer 70

RFID badge

Question 71

WTLS stands for

Answer 71

Wireless transport layer security

Question 72

WAF stands for

Answer 72

Web application firewall

Question 73

A hardware authentication device used to grant access to a restricted digital asset.

Answer 73

Hard token

For example, keys, USB drives, badges, etc.

Question 74

A digital authentication device used to grant access to a restricted digital asset.

Answer 74

Soft token

For example, multi-factor authentication, authenticator apps, clickable authentication links, etc.

Question 75

RFID is vulnerable to which attack(s)?

Spoofing
Eavesdropping
Data interception
Replay attacks
DoS attacks
All of the above

Answer 75

All of the above

Question 76

A technology used for contactless payment transactions.

Answer 76

NFC (near field communication)

Question 77

NFC is vulnerable to which attack(s)?

Data interception
Replay attacks
DoS attacks
All of the above

Answer 77

All of the above

Question 78

Which 2 processes provide randomization during the encryption process?

Answer 78

Salting
IV (Initialization Vector)

Question 79

A binary vector used as the input to initialize the algorithm for encryption to increase security by introducing additional cryptographic variance and to synchronize cryptographic equipment.

This produces a unique stream independent from other streams produced by the same encryption key.

Answer 79

IV (Initialization Vector)

Question 80

A type of attack also known as a MITM attack.

Attackers place themselves on the communication route between two devices.

Attackers intercept or modify packages sent between two communicating devices.

Answer 80

On-path attack

Question 81

An attacker managed to associate his/her MAC address with the IP address of the default gateway. In result, a targeted host is sending network traffic to the attacker’s IP address instead of the IP address of the default gateway. Based on the given info, which type of attack is taking place in this scenario?

Answer 81

ARP poisoning

Question 82

A network attack that compromises the security of a network switch by overflowing its memory used to store the MAC address table.

Answer 82

MAC (Media Access Control) flooding

Question 83

An attack that relies on altering the burned-in address of a NIC to assume the identity of a different network host is known as which 2 names?

Answer 83

MAC spoofing
MAC cloning

Question 84

A technique by which an attacker sends spoofed ARP messages onto a network. This does NOT spoof the IP or MAC address. The attacker merely responds first to the ARP request before the legitimate device is able to.

Answer 84

ARP poisoning

Question 85

4 examples of layer 2 attacks

Answer 85

MAC cloning
ARP poisoning
MAC flooding
MAC spoofing

Question 86

A situation in which domain registrants, due to unlawful actions of third parties, lose control over their domain names.

Answer 86

Domain hijacking

Question 87

A type of network attack where the intruder attempts to disrupt the network’s normalcy, modify data, and alter the system resources.

Answer 87

Active attack

Question 88

A type of network attack where the intruder intercepts data traveling through the network. They eavesdrop, but do not modify the message. (MITM is a type of this network attack.)

Answer 88

Passive attack

Question 89

A social engineering technique whereby attackers under disguise of a legitimate request attempt to gain access to confidential information is commonly referred to as:

Answer 89

Phishing

Question 90

Which of the following answers refer to smishing? (Select 2 answers)
Social engineering
Email communication
SPIT
SPIM
Text messaging

Answer 90

Social engineering
Text messaging

Question 91

The practice of using a telephone system to manipulate user into disclosing confidential information is known as:

Answer 91

Vishing

Question 92

A term describing an unsolicited advertising message

Answer 92

Spam

Remember that adware causes spam, but adware is NOT the message itself. It is only the software that causes it.

Question 93

What type of spam relies on text-based communication?

Vishing
SPIM
Bluesnarfing
SPIT

Answer 93

SPIM (spam over internet messaging)

Question 94

Phishing scams targeting a specific group of people

Answer 94

Spear phishing

Question 95

The practice of sifting through trash for discarded documents containing sensitive data.

Answer 95

Dumpster diving

Question 96

A situation in which an unauthorized person can view another user’s display or keyboard to learn their password or other confidential information is referred to as:

Answer 96

Shoulder surfing

Question 97

Which of the following answers refer to the characteristic features of pharming? (Select 3 answers)

Domain hijacking
Traffic redirection
Fraudulent website
Password attack
Credential harvesting

Answer 97

Traffic redirection
Fraudulent website
Credential harvesting

Remember that pharming often involves the victim clicking on a link to redirect them to the fraudulent website.

Question 98

Gaining unauthorized access to restricted areas by following another person

Answer 98

Tailgating

Question 99

The use of casual conversation to extract non-public information from people without giving them the feeling they’re being interrogated.

Answer 99

Elicitation

Question 100

A type of social engineering attack that involves providing a high and low estimate in order to entice a more specific number

Answer 100

Bracketing

Question 101

A type of social engineering attack that involves pretending to divulge confidential information in hopes of receiving confidential information in return

Answer 101

Confidential bait

Question 102

A type of social engineering attack that involves saying something wrong in the hopes that the person will correct the statement with true information

Answer 102

Deliberate false statements
AKA Denial of the obvious

Question 103

A type of social engineering attack that involves pretending to be ignorant of a topic in order to exploit the person’s tendency to educate

Answer 103

Feigned ignorance

Question 104

A type of social engineering attack that involves using praise to coax a person into providing information

Answer 104

Flattery

Question 105

Phishing scams targeting people holding high positions in a business

Answer 105

Whaling

Question 106

Which of the following is used in data URL phishing?

Prepending
Typosquatting
Pretexting
Domain hijacking

Answer 106

Prepending

Question 107

The use of emails to redirect recipients to a fake website and coerce them into divulging sensitive data.

Answer 107

Data URL phishing

Question 108

Adding something to the beginning of something else.

Used when an attacker attaches a trustworthy value like “RE:” or “MAILSAFE: PASSED” to a message in order to make the message appear more trustworthy.

Answer 108

Prepending

Question 109

Use of a fabricated story to gain a victim’s trust and trick or manipulate them into sharing sensitive information, downloading malware, sending money to criminals, or otherwise harming themselves or the organization they work for.

Answer 109

Pretexting

Question 110

An email message containing a warning related to a non-existent computer security threat, asking a user to delete system files falsely identified as malware, and/or prompting them to share the message with others would be an example of:

Answer 110

Virus hoax

Question 111

What is the platform for watering hole attacks?

Answer 111

Websites

Question 112

The internal telephone network of a business or other entity. It manages phone calls internally and externally for an organization.

Answer 112

PBX (Private Branch Exchange) system

Question 113

A type of email server that protects an organization’s or users’ internal email servers. It acts as a gateway through which every incoming and outgoing email passes through.

Answer 113

Email gateway

Question 114

The practice of registering misspelled domain name closely resembling other well established and popular domain name in hopes of getting Internet traffic from users who would make errors while typing in the URL in their web browsers.

Answer 114

URL hijacking
AKA typosquatting

Question 115

An attacker impersonates a company’s managing staff member to manipulate a lower rank employee into disclosing confidential data. The attacker informs the victim that the information is essential for a task that needs to be completed within the business hours on the same day and mentions potential financial losses for the company in case the victim refuses to comply. Which social engineering principles apply to this attack scenario? (Select 3 answers)

Urgency
Familiarity
Authority
Consensus
Intimidation
Scarcity

Answer 115

Urgency
Authority
Intimidation

Remember that this manager might not be very familiar with the lower ranking employee.

Urgency is because the task must be completed same-day.

Authority is because the attacker is impersonating the employee’s manager.

Intimidation is because they threatened the employee with financial loss.

Question 116

An attacker impersonating a software beta tester replies to a victim’s post in a forum thread discussing the best options for affordable productivity software. A while later, he/she follows up by sending the victim private message mentioning the discussion thread and offering free access to a closed beta version of a fake office app. Which social engineering principles apply to this attack scenario? (Select 3 answers)

Authority
Intimidation
Consensus
Scarcity
Familiarity
Trust
Urgency

Answer 116

Scarcity
Familiarity
Trust

Scarcity because it is a closed beta version not available to anyone else

Familiarity because this is a person with whom the victim has already interacted with before

Trust because the attacker is impersonating a software beta tester

Question 117

While conducting a web research that would help in making a better purchasing decision, a user visits series of Facebook pages and blogs containing fake reviews and testimonials in favor of a paid app intentionally infected with malware. Which social engineering principle applies to this attack scenario?

Scarcity
Authority
Consensus
Intimidation
Urgency

Answer 117

Consensus

Question 118

Harmful programs used to disrupt computer operation, gather sensitive information, or gain unauthorized access to computer systems are commonly referred to as:

Answer 118

Malware

Question 119

Malware that restricts access to a computer system by encrypting files or locking the entire system down until the user performs requested action is known as:

Answer 119

Ransomware

Question 120

A type of software that performs unwanted and harmful actions in disguise of a legitimate and useful program. This type of malware might act like a legitimate program and have all the expected functionalities, but apart from that it will also contain a portion of malicious code that the user is unaware of.

Answer 120

Trojan horse

Question 121

A standalone malicious computer program that typically propagates itself over a computer network to adversely affect system resources and network bandwidth is called:

Answer 121

Worm

Question 122

A cyberattack to gain illicit access of elevated rights, permissions, entitlements, or privileges beyond what is assigned for an identity, account, user, or machine. This attack can involve an external threat actor or an insider threat.

Answer 122

Privilege escalation

Question 123

Spam messages symptomatic of widely-used free instant messaging apps like Messenger, Whatsapp, Viber, Telegram, Skype and WeChat. These spam messages are usually commercial-type spam but can contain malware and spyware.

Answer 123

SPIM (spam over instant messaging)

Question 124

Unsolicited bulk messages broadcast over VoIP (Voice over Internet Protocol) to phones connected to the Internet.

Answer 124

SPIT (spam over internet telephony)
AKA vam (voice/VoIP spam)

Question 125

What is a PUP (Potentially Unwanted Program)? (Select 3 answers.)

Not explicitly classified as malware by AV software

An app downloaded and installed w/out the user’s consent (illegal app)

A type of software that may adversely affect the computer’s security and performance, compromise user’s privacy, or display unsolicited ads

An app downloaded and installed with the user’s consent (legal app)

Explicitly classified as malware by AV software

A type of free, utility software often bundled with a paid app

Answer 125

Not explicitly classified as malware by AV software

A type of software that may adversely affect the computer’s security and performance, compromise user’s privacy, or display unsolicited ads

An app downloaded and installed w/ the user’s consent

Question 126

A type of free, utility software often bundled with a paid app

Answer 126

Bloatware

Question 127

A malware-infected network host under remote control of a hacker is commonly referred to as:

Answer 127

Bot

Question 128

A private network similar to an intranet, but typically open to external parties, such as business partners, suppliers, key customers, etc.

Answer 128

Extranet

Question 129

A private network contained within an enterprise that is used to securely share company information and computing resources among employees.

Answer 129

Intranet

Question 130

A network set up to catch a hacker’s attention. It’s designed to look, feel, and act just like a network packed tight with valuable resources. But it also contains plenty of monitoring tools.

Answer 130

Honeynet

Question 131

A keylogger is an example of what type of malware?

Answer 131

Spyware

Question 132

Malicious software collecting info about users w/out their knowledge/consent is known as:

Answer 132

Spyware

Question 133

A type of service that, through a joint digital channel, enables users to plan, book, and pay for multiple types of mobility services. The concept describes a shift away from personally-owned modes of transportation and towards mobility provided as a service.

Answer 133

MaaS (Mobility as a Service)

Question 134

An undocumented (and often legitimate) way of gaining access to a program, online service, or an entire computer system

Answer 134

Backdoor

Question 135

Which password attack bypasses account-lockout policies?

Birthday
Spraying
Dictionary
Replay

Answer 135

Spraying attack

Question 136

T/F: One of the measures for bypassing the failed logon attempt account lockout policy is to capture any relevant data that might contain the password and brute force it offline.

Answer 136

True

Question 137

T/F: Rainbow tables are lookup tables used to speed up the process of password guessing.

Answer 137

True

Question 138

What are the contents of a rainbow table entry?

Answer 138

Hash/Password

Question 139

Due to added functionality in its plug, malicious USB cables can be used for:

GPS tracking
Capturing keystrokes
Sending and receiving commands
Delivering and executing malware
Any of the above

Answer 139

Any of the above

Question 140

Theft of personal data from a payment card is known as:

Answer 140

Skimming

Question 141

A technique in which an attacker moves from one compromised system to the next in a network.

Answer 141

Pivoting

Question 142

The process of unlocking or jailbreaking a device, such as a smartphone or tablet.

Answer 142

Rooting

Question 143

RAD stands for

Answer 143

Rapid Application Development

Question 144

A cryptographic attack that relies on the concepts of probability theory

Answer 144

Birthday

Question 145

A type of attack where the attacker has an access to the ciphertext and its corresponding plaintext (crib). His goal is to guess the secret key (or a number of secret keys) or to develop an algorithm which would allow him to decrypt any further messages.

Answer 145

KPA (known-plaintext attack)

Question 146

AAA stands for

Answer 146

Authentication, Authorization, Accounting

Question 147

T/F: A situation where a cryptographic hash function produces two different digests for the same data input is referred to as a hash collision.

Answer 147

False

A hash collision is where 2 different data inputs have the same hash

Question 148

A situation where a cryptographic hash function produces the same message digest for two distinct data inputs.

Answer 148

Hash collision

Question 149

A type of cryptographic attack that forces a network protocol to revert to its older, less secure version is known as:

Answer 149

Downgrade attack

Question 150

Which of the following facilitate(s) privilege escalation attacks? (Select all that apply)

System/application vulnerability
Principle of least authority
Social engineering techniques
MAC (Mandatory Access Control)
System/application misconfiguration

Answer 150

System/application vulnerability
Social engineering techniques
System/application misconfiguration

Remember that Mandatory Access Control and principle of least authority are both ways to PREVENT a privilege escalation attack.

Question 151

Which of the following answers can be used to describe characteristics of a cross-site scripting attack? (Select 3 answers)

Exploits the trust a user’s web browser has in a website

A malicious script is injected into a trusted website

User’s browser executes the attacker’s script

Exploits the trust a website has in the user’s web browser

A user is tricked by an attacker into submitting unauthorized web requests

Website executes attacker’s requests

Answer 151

Exploits the trust a user’s web browser has in a website

A malicious script is injected into a trusted website

User’s browser executes the attacker’s script

Question 152

Which of the following indicates an SQL injection attack attempt?

DELETE FROM itemDB WHERE itemID = ‘1’;

SELECT * FROM users WHERE userName = ‘Alice’ AND password = ‘’ OR ‘1’ = ‘1’;

DROP TABLE itemDB;

SELECT * FROM users WHERE email = ‘example@example.com’ AND password = ‘’;

Answer 152

SELECT * FROM users WHERE userName = ‘Alice’ AND password = ‘’ OR ‘1’ = ‘1’;

Question 153

Which of the following fragments of input might indicate an LDAP injection attack attempt? (Select 2 answers)

… AND password = ‘’ OR ‘1’ = ‘1’;

administrator)(&))

…

 malicious script code 

search.aspx?name=userName)(zone=*)

… p@$$w0rd</password></user><user><name>attacker</name> ....</user>

Answer 153

administrator)(&))

search.aspx?name=userName)(zone=*)

Question 154

Which of the following fragments of input might indicate an XML injection attack attempt?

…

 malicious script code 

search.aspx?name=userName)(zone=*)

… p@$$w0rd</password></user><user><name>attacker</name> ....</user>

administrator)(&))

… AND password = ‘’ OR ‘1’ = ‘1’;

Answer 154

… p@$$w0rd</password></user><user><name>attacker</name> ....</user>

Question 155

An attempt to read a variable value from an invalid memory address?

Answer 155

Null-pointer deference

Question 156

A type of exploit that relies on overwriting contents of memory to cause unpredictable results in an application is called:

Answer 156

Buffer overflow

Question 157

A type of attack in which the attacker uses mathematical algorithms to predict the IV in encryption. Once the IV is known, the attacker can use it to decrypt encrypted messages.

Answer 157

IV attack

Question 158

An automated software testing method that injects invalid, malformed, or unexpected inputs into a system to reveal software defects and vulnerabilities. A tool injects these inputs into the system and then monitors for exceptions such as crashes or information leakage.

Answer 158

Fuzz test

Question 159

A malfunction in a preprogrammed sequential access to a shared resource is described as:

Answer 159

Race condition

Question 160

The process of reorganizing data in a database so that it meets two basic requirements: There is no redundancy of data, all data is stored in only one place.

Answer 160

Normalization

Question 161

Which of the following are the characteristic features of a session ID? (Select 3 answers)

Stored on a server

A unique identifier assigned by the website to a specific user

Contains user’s authentication credentials, e.g. username and password

A piece of data that can be stored in a cookie, or embedded as an URL parameter

Stored in a visitor’s browser

A unique identifier assigned to a server

Answer 161

A unique identifier assigned by the website to a specific user

A piece of data that can be stored in a cookie, or embedded as a URL parameter

Stored in a visitor’s browser

Question 162

Which type of exploit allows an attacker to take control over a server and use it as a proxy for unauthorized actions?

Answer 162

SSRF (Server-side request forgery)

Question 163

Which of the following answers can be used to describe characteristics of a cross-site request forgery attack? (Select 3 answers)

Exploits the trust a website has in the user’s web browser

A user is tricked by an attacker into submitting unauthorized web requests

Website executes attacker’s requests

Exploits the trust a user’s web browser has in a website

A malicious script is injected into a trusted website

User’s browser executes attacker’s script

Answer 163

Exploits the trust a website has in the user’s web browser

A user is tricked by an attacker into submitting unauthorized web requests

Website executes attacker’s requests

Question 164

T/F: In an on-path attack, attackers generate forged packets and inject them in the network.

Answer 164

False

A MITM attack is AKA eavesdropping attack. It does not involve forging new data.

Question 165

SDN stands for

Answer 165

Software-Defined Networking

Question 166

An approach to networking that uses software-based controllers or application programming interfaces (APIs) to communicate with underlying hardware infrastructure and direct traffic on a network.

Answer 166

SDN (Software-Defined Networking)

Question 167

PED stands for

Answer 167

Portable electronic device

Question 168

The process of hiding original data with modified content such as characters or other data

Answer 168

Obfuscation

Question 169

The process of hiding original data with modified content such as characters or other data

Answer 169

Obfuscation

Question 170

A type of network attack which involves the attacker injecting their own forged packets into the data stream.

Answer 170

Packet injection attack

Question 171

APT stands for

Answer 171

Active Persistent Threat

Question 172

Remapping a domain name to a rogue IP address is what kind of exploit?

Answer 172

DNS poisoning

Question 173

URL redirection is a characteristic feature of what kind of attack?

Answer 173

Pharming

Question 174

Which has the biggest impact on domain reputation?

Domain age
Missing SSL certificate
Derivative content
Bounce rate
Distribution of spam

Answer 174

Distribution of spam

Question 175

What is the most common form of DDoS attack?

Answer 175

Network-based

Question 176

Which type of DDoS attack uses IoT devices as bots to carry out the attack?

Answer 176

IoT-based

Question 177

OT stands for

Answer 177

Operational Technology

Question 178

The use of hardware and software to monitor and control physical processes, devices, and infrastructure.

Answer 178

OT (Operational Technology)

Question 179

Robots, industrial control systems (ICS), Supervisory control and data acquisition (SCADA) systems, programmable logic controllers (PLCs), and computer numerical control (CNC) are examples of what?

Answer 179

OT (Operational Technology)

Question 180

Which type of DDoS attack industrial equipment and infrastructure?

Answer 180

OT

Question 181

Which type of DDoS attack targets application services such as web servers and application firewalls?

Answer 181

Application

Question 182

ATT&CK stands for

Answer 182

Adversarial Tactics, Techniques, and Common Knowledge

Question 183

A globally-accessible knowledge base of adversary tactics and techniques based on real-world observations.

Answer 183

ATT&CK

Question 184

IoC stands for

Answer 184

Indicators of Compromise

Question 185

During a cybersecurity incident, the digital breadcrumbs that reveal that an attack has occurred, what tools were used in the attack, and who’s behind it.

Answer 185

IoC (Indicators of Compromise)

Question 186

Microsoft PowerShell script file extension

Answer 186

.ps1

Question 187

A filename extension used in a cross-platform, general-purpose programming language?

Answer 187

.py (Python programming language)

Question 188

A filename extension for a UNIX shell executable file.

Answer 188

.sh

Question 189

A filename extension for a Microsoft Visual Basic file

Answer 189

.vbs

Question 190

A filename extension for a batch file

Answer 190

.bat

Question 191

DOM stands for

Answer 191

Document Object Model

Question 192

An application programming interface (API) for HTML and XML documents. It defines the logical structure of documents and the way a document is accessed and manipulated.

It connects web pages to scripts or programming languages by representing the structure of a document in memory.

It represents a document with a logical tree. Each branch of the tree ends in a node, and each node contains objects. With them, you can change the document’s structure, style, or content.

Answer 192

DOM (Document Object Model)

Question 193

VBA stands for

Answer 193

Visual Basic for Applications

Question 194

Which of the following enables running macros in Microsoft Office applications?

Answer 194

VBA (Visual Basic for Applications)

Question 195

A computer programming language developed and owned by Microsoft.
Used to create macros to automate repetitive word- and data-processing functions, and generate custom forms, graphs, and reports.

Answer 195

VBA (Visual Basic for Applications)

Question 196

A filename extension for JavaScript file

Answer 196

.js

Question 197

A filename extension for a source code file created in Visual Basic language

Answer 197

.vb

Question 198

Which statements best describe the attributes of an APT? (Select 3 answers)

Lack of extensive resources/funding

High level of technical sophistication

Extensive amount of resources/funding

Threat actors are individuals

Low level of technical sophistication

Typically funded by governments/nation states

Answer 198

High level of technical sophistication

Extensive amount of resources/funding

Typically funded by governments/nation states

Question 199

A disgruntled employee abusing legitimate access to a company’s internal resources is called

Answer 199

Insider threat

Question 200

A person who uses existing computer scripts or code to hack into computers, lacking the expertise to write their own.

Answer 200

Script kiddie

Question 201

Hackers that use their technical skills to defraud and blackmail others.

Answer 201

Black hat

Question 202

Hackers that use their technical skills to protect the world from bad hackers.

Answer 202

White hat

Question 203

Hackers that use their technical skills with good intentions, but do not take the ethical route. They may penetrate networks to look for vulnerabilities without your consent, but do not cause harm.

Answer 203

Gray hat

Question 204

Hackers that use their technical skills with good intentions, but use extreme and sometimes illegal routes to achieve their goals. They deploy dangerous cyber attacks against black hat hackers.

Answer 204

Red hat

Question 205

Hackers that work as security professionals outside the organization. They are invited to test new software and find vulnerabilities. They perform penetration testing without causing damage.

Answer 205

Blue hat

Question 206

Hackers that are still learning about techniques and programming. This type is different from a script kiddie because this type of hacker works hard to continue to learn and develop skills.

Answer 206

Green hat

Question 207

Which of the following statements does not match a typical description of nation states or state-funded groups identified as threat actors?

Political or economic motivation

High level of technical sophistication

Advanced Persistent Threat (APT)

High level of resources/funding

Typically classified as an internal threat

Answer 207

Typically classified as an internal threat

Question 208

A person who breaks into a computer network or system for a politically or socially motivated purpose is usually described as a(n):

Answer 208

Hacktivist

Question 209

Which statements best describe the attributes of a script kiddie? (Select 2 answers)

Motivated by money

Low level of technical sophistication

Motivated by ideology

High level of technical sophistication

Lack of extensive resources/funding

Answer 209

Low level of technical sophistication

Lack of extensive resoruces/funding

Question 210

Threat actors whose sole intent behind breaking into a computer system or network is monetary gain

Answer 210

Criminal syndicates

Question 211

People or groups who use their technology skills to facilitate hacking, sabotage, theft, misinformation and other operations on behalf of a country. They are state-sponsored.

Answer 211

Nation-state threat actors

Question 212

A prolonged and targeted cyberattack in which an intruder gains access to a network and remains undetected for an extended period of time. Usually done to steal data.

Answer 212

APT (Advanced Persistent Threat)

Question 213

Which types of hacking are authorized? (Select 2)

Black hat
Gray hat
White hat
Blue hat
Green hta

Answer 213

White hat
Blue hat

Question 214

Which types of hacking are unauthorized?

Gray hat
White hat
Black hat
Blue hat

Answer 214

Black hat

Question 215

Which type of hacking is semi-authorized?

Blue hat
Black hat
Gray hat
White hat

Answer 215

Gray hat

Question 216

Software and hardware used w/in an organization, but outside of the organization’s official IT infrastructure.

Answer 216

Shadow IT

Question 217

Threat actors that engage in illegal activities to get the know-how and gain market advantage?

Answer 217

Competitors

Question 218

Any combination of persons or enterprises engaging, or having the purpose of engaging, on a continuing basis in conduct that violates one or more provisions of a felony statute of a United States jurisdiction.

Answer 218

Criminal syndicate

Question 219

Which of the following answers does not relate to a direct access threat vector?

Malicious USB cable

Backdoor

Malicious URL

Lack of physical security controls

Malicious flash drive

Answer 219

Malicious URL

Question 220

Which of the following answers refer(s) to wireless threat vector(s)? (Select all that apply)

Network protocol vulnerabilities (WEP/WPA)

Rogue AP / Evil twin

Default security configurations

Malicious email attachments

Vulnerabilities in network security standards (WPS)

Answer 220

Network protocol vulnerabilities (WEP/WPA)

Rogue AP/ evil twin

Default security configurations

Vulnerabilities in network security standards (WPS)

Question 221

WEP stands for

Answer 221

Wired Equivalent Privacy

It’s a sucky security protocol.

Question 222

WPA stands for

Answer 222

Wi-Fi Protected Access

More secure than WEP

Question 223

WPS stands for

Answer 223

Wi-Fi Protected Setup

A feature supplied with many routers. It is designed to make the process of connecting to a secure wireless network from a computer or other device easier. It makes routers extremely vulnerable to cyberattacks.

Question 224

A type of attack vector where the attacker gains physical access to a computer and performs malicious actions.

Answer 224

Direct access attack vector

Question 225

Which of the following enables client-side URL redirection?

host
hosts
hostname
localhost

Answer 225

hosts