Test 7 Flashcards
Exploiting known vulnerability is a common threat vector for:
Unsupported systems/apps
A solution that simplifies configuration of new wireless networks by allowing non-technical users to easily configure network security settings and add new devices to an existing network is called:
WPS
Which of the wireless technologies listed below are considered potential threat vectors and should be avoided due to their known vulnerabilities? (Select all that apply)
WPS
WPA
WPA2
WEP
The term “Evil twin” refers to a rogue WAP set up for eavesdropping or stealing sensitive user data. Evil twin replaces the legitimate AP and by advertising its own presence with the same Service Set Identifier (SSID, a.k.a. network name) appears as a legitimate AP to connecting hosts.
True
Which of the following answers refers to a threat vector characteristic only to wired networks?
Cable tapping
Examples of threat vectors related to Bluetooth communication include: bluesmacking (a type of DoS attack that targets Bluetooth devices by overwhelming them with excessive traffic), bluejacking (the practice of sending unsolicited messages or data to a Bluetooth-enabled device), bluesnarfing (gaining unauthorized access to a Bluetooth device and data theft), and bluebugging (gaining remote control over a Bluetooth device).
True
Which of the answers listed below refers to the most probable cause of an unauthorized access caused by the exploitation of a specific network entry point?
Open service ports
The importance of changing default usernames and passwords can be illustrated by the example of certain network devices (such as routers), which are often shipped with default and well-known admin credentials that can be looked up on the web.
True
Which of the following would be the best solution for a company that needs IT services but lacks any IT personnel?
MSP
Which of the terms listed below refers to a third-party vendor offering IT security management services? (Select best answer)
MSSP
Which of the following answers refer to common threat vectors that apply to MSPs, vendors, and suppliers in the supply chain? (Select 2 answers)
Propagation of malware
Social engineering techniques
A social engineering technique whereby attackers under disguise of a legitimate request attempt to gain access to confidential information is commonly referred to as:
Phishing
Which social engineering attack relies on identity theft?
Impersonation
A BEC attack is an example of:
Phishing
Which of the answers listed below refers to a social engineering technique where an attacker creates a false scenario or situation to deceive the victim into revealing sensitive information?
Pretexting
Which of the following terms refers to a platform used for watering hole attacks?
Websites
The term “URL hijacking” (a.k.a. “Typosquatting”) refers to a deceptive practice involving the deliberate registration of domain names with misspellings or slight variations that closely resemble well-established and popular domain names. The primary goal of this strategy is to exploit the common typographical errors made by users while entering URLs into their web browser’s address bar. Beyond capturing inadvertent traffic, typosquatting may also be used for hosting phishing sites to trick users into divulging sensitive information, distributing malware through deceptive websites, generating ad revenue by redirecting mistyped traffic, or engaging in brand impersonation to harm the reputation of authentic brands or deceive users.
True
Which type of application attack relies on introducing external code into the address space of a running program?
Memory injection
A collection of precompiled functions designed to be used by more than one Microsoft Windows application simultaneously to save system resources is known as:
DLL
Which of the answers listed below refers to an application attack that relies on executing a library of code?
DLL injection
A type of exploit in which an application overwrites the contents of a memory area it should not have access to is called:
Buffer overflow
A malfunction in a preprogrammed sequential access to a shared resource is described as:
You left the correct answer unselected.
Race condition
A type of vulnerability where the state of a resource is verified at one point in time but may change before the resource is actually used is referred to as:
TOC/TOU
A malicious application update is a type of malware that can be installed through a seemingly legitimate software update. The introduction of a malicious update into the application code can be enabled through various means, including:
Unsigned application code
Unencrypted update channel (HTTP vs HTTPS)
Fake update website
Unauthorized access to update server
Compromised software development process
Which of the following answers does not refer to a common type of OS-based vulnerability?
Access control and permissions vulnerabilities (weak passwords, privilege escalation)
Vulnerabilities in installed applications, system utilities, and device drivers
Memory-related vulnerabilities (memory leaks, buffer overflows, race conditions)
Patch and update management vulnerabilities (security patch and update delays, malicious updates)
Vulnerabilities related to system/security misconfigurations
Network-related vulnerabilities (DoS attacks, remote code execution attacks)
