Test 10 Flashcards
Which of the following URLs is a potential indicator of a directory traversal attack?
http://www.example.com/var/../etc/passwd
http://www.example.com/var/www/../../etc/passwd
http://www.example.com/var/www/files/../../../etc/passwd
http://www.example.com/var/www/files/images/../../../../etc/passwd
A type of cryptographic attack that forces a network protocol to revert to its older, less secure version is known as:
Downgrade attack
A hash collision occurs when a cryptographic hash function produces two different digests for the same data input.
False
Which cryptographic attack relies on the concepts of probability theory?
Birthday
A short list of commonly used passwords tried against a large number of user accounts is a characteristic feature of:
Spraying attack
Which password attack bypasses account-lockout policies?
Spraying attack
An attack against encrypted data that relies heavily on computing power to check all possible keys and passwords until the correct one is found is called:
Brute-force attack
One of the measures for bypassing the failed logon attempt account lockout policy is to capture any relevant data that might contain the password and brute force it offline.
True
A type of forensic evidence that can be used to detect unauthorized access attempts or other malicious activities is called:
IoC
An account lockout might indicate which type of malicious activity?
Password brute-forcing attempt
Which of the terms listed below most accurately describes a situation wherein a single account is being used from multiple locations/devices at the same time?
Concurrent session usage
Which of the following terms refers to a malicious activity indicator in a situation where a firewall or other security measure prevents an attempt to deliver a malicious payload or perform an unauthorized action?
Blocked content
Which of the terms listed below most accurately describes a situation wherein an account is accessed from a location that is physically impossible for the user to be in?
Impossible travel
The term “Out-of-cycle logging” refers to instances where systems or applications produce logs outside their regular intervals or in abnormal volumes, potentially signaling malicious activity.
True
Which of the following would indicate an attempt to hide evidence of malicious activity?
Missing logs
Which of the terms listed below refers to a logical grouping of computers that allow computer hosts to function as if they were attached to the same broadcast domain regardless of their physical location?
VLAN
What is the name of a solution that increases the efficiency of IP address space management by allowing network administrators to divide networks into subnets of different sizes?
VLSM
Which of the following provides granular control over user access to specific network segments and resources based on their assigned roles and permissions?
IAM
Which of the answers listed below refers to a solution that allows for easier management and control of network segmentation policies through software applications?
SDN
Which of the following acronyms refers to a set of rules that specify which users or system processes are granted access to objects as well as what operations are allowed on a given object?
ACL
A rule-based access control mechanism implemented on routers, switches, and firewalls is referred to as:
ACL
Which of the answers listed below refers to a rule-based access control mechanism associated with files and/or directories?
FACL
Which of the following policies applies to any requests that fall outside the criteria defined in an ACL?
Implicit deny policy
Which of the answers listed below does not refer to the concept of network isolation?
DLP
Which of the following answers does not refer to the concept of system/application isolation?
Data encryption