Threats, Attacks, and Vulnerabilities Flashcards
An attacker has stolen credit card numbers using an on-path attack. Which of the following would BEST describe the credit card numbers when they were acquired?
In-transit
Asymmetrically encrypted
TOTP
Non-repudiated
East-west traffic
Time to check my statement
A team of security professionals is responsible for identifying vulnerabilities and deploying patches. Which of the following would BEST describe this group?
Red team
White team
Blue team
Yellow team
Purple team
Reading Rainbow
Which of the following would be the BEST example of passive footprinting?
Ping scan the Internet subnet
Find all open ports on a VPN concentrator
List employee names found on a social media site
Perform password spraying on all admin accounts
Scan the corporate web server for vulnerabilities
Don’t say hello in the morning
After gaining access using a known vulnerability, an attacker creates a new account on the system. Which of the following would BEST describe this action?
Bug bounty
Persistence
Unknown environment
Cleanup
Lateral movement
We should have locked that door
A recent vulnerability scan has identified a server with a critical Windows vulnerability. However, the server is running Linux OS and services. Which of the following would BEST describe this information?
Credentialed scan
False positive
Prepending
Advanced persistent threat
Threat feeds
Lights and sirens
An attacker has publicly released the salary information of all executives in a multinational corporation. Which of the following impacts would be MOST associated with this information release?
Reputation
Availability loss
Data loss
Financial loss
Identity theft
I can’t count that high
After installing a recent application update, a computer’s anti-virus has reported malware and quarantined the software. Which of the following would be the MOST likely reason for this alert?
Lack of vendor support
Third-party cloud storage transfer
Incorrect firewall configuration
Supply chain breach
Phishing attack
Time for a vacation
A security engineer is researching a new CVE. Which of the following would BEST describe the contents of this research?
Automation script
Vulnerability feed
Infrastructure as code
File integrity monitoring
Request for comment
We could use a microscope and beaker
A security administrator is using OSINT for threat intelligence against a private company. Which of the following resources will be used for this task?
Employee handbook
Call logs
Internet discussion groups
Employee compensation list
Company security policies
I’m making a folder
A security admin has noticed an increase in automated attack scripts against their web server, but many of the attacks are outdated and don’t apply to the server. Which of the following would be the MOST likely source of this attack?
Nation state
Insiders
Script kiddies
Shadow IT
Criminal syndicates
It’s the butler
A security administrator is concerned that spreadsheets emailed from a third party may contain malicious code. Which of the following would be the MOST likely code type associated with this issue?
Shell script
VBA
PowerShell
Kerberos
Python
I didn’t know there would be typing
An organization’s web server is seeing an exponential increase in connections and all available bandwidth is in use. Which of the following would BEST describe this attack?
DDoS
Brute force
Wireless jamming
MAC flooding
Disassociation
Have you tried turning it off and back on again
An attacker has modified a DNS server configuration to resolve the attacker’s IP address. Which of the following would describe this attack type?
Hijacking
Poisoning
Denial of service
Typo-squatting
Evil twin
Point and look
A switch is forwarding all network traffic to every interface on the switch. Which of the following would be the MOST likely reason for this?
Duplicate IP addresses
Duplex mismatch
MAC table is full
STP is disabled
Incorrect wireless security options
Hubs are underrated
All communication between two devices is being monitored by an attacker in real time. Which of the following would BEST describe this attack?
Brute force
On-path
Denial of service
Rogue access point
Disassociation
We’ll need blinders