Testing Your Infrastructure

Question 1

Which of the following vulnerabilities can be avoided with data sanitization?

Embedded systems

End-of-life systems

Lack of vendor support

Answer 1

End-of-life systems

Eliminating data on end-of-life systems avoids vulnerabilities to sensitive data

Question 2

Which of the following attacks is conducted by trying to get a view of sensitive information on a user’s screen?

Dumpster diving

Eavesdropping

Shoulder surfing

Answer 2

Shoulder surfing

Shoulder surfing is an attack in which the perpetrator tries to view sensitive information on a user’s screen

Question 3

You are a security administrator in a company, and a user has just forwarded a suspicious e-mail to you that directs the user to click a link to a banking Web site and enter their credentials to verify the account. What type of social engineering attack is being attempted?

Phishing

Vishing

Man-in-the middle

Answer 3

Phishing

A phishing attack is conducted by sending an e-mail to an unsuspecting user to get the user to click a link in the e-mail and enter sensitive information, such as credentials or other personal information, into the site

Question 4

An attacker calls an administrative assistant and tells him that she is the new executive assistant for the company senior vice president. She claims the VP is traveling, and she needs access to certain sensitive files in a file share. The attacker tries to bully the admin assistant into giving her permissions to the file share by threatening to have him fired if he doesn’t oblige. Which two characteristics of human behavior is the attacker trying to take advantage of in this attack? (Choose two.)

Trust

Fear of authority

Social proof

Respect of authority

Answer 4

Fear of authority

Respect of authority

The attacker is taking advantage of the human tendency to fear and respect authority figures

Question 5

A person calls and tells you that he has locked his account because he forgot his remote access password. He tells you that he doesn’t have time to come down to your desk and positively identify himself because he is off-site at a customer facility and must present an important briefing to the customer within the next few minutes. He insists that he needs his remote access password changed immediately, but promises to come and see you after he returns to the office to verify his identity. What kind of social engineering tactic is being used in this attack?

Authority

Familiarity

Urgency

Answer 5

Urgency

The attacker is trying to use a tactic involving urgency of need to get the remote access password reset, without having his identity verified

Question 6

Your manager wants you to attempt to determine what security vulnerabilities may be present in an application before it goes into production. You’re to take the application directly from the programmers and go through the program itself. Which of the following assessment techniques should you use first?

Architecture review

Design review

Code review

Answer 6

Code review

Code review is an appropriate assessment technique in this case to run first, since you are looking at the program itself before it goes into production. You would of course also run a network scanner and other tools against the box with the app loaded on it to test for security vulnerabilities

Question 7

Which of the following types of assessments actually exploits weaknesses found in a system?

Architecture review

Vulnerability test

Penetration test

Answer 7

Penetration test

A penetration test is designed to exploit any vulnerabilities found in a system

Question 8

You are performing a penetration test and are given only some basic information on the target system, including its IP address range and a basic network diagram. What type of penetration test is this considered to be?

Gray box test

Black box test

White box test

Answer 8

Gray box test

A gray box test is one in which the tester is given only limited information on the target network

Question 9

A security testing tool that does not interfere with the operation of the system or network at all is considered:

Active

Passive

Less accurate

Answer 9

Passive

A passive tool does not interfere with the operation or performance of the system or network

Question 10

Which of the following is considered a dangerous type of finding because it can actually mean that a potential security vulnerability goes undetected?

False positive

False negative

False flag

Answer 10

False negative

A false negative can mean that an actual vulnerability goes undetected