Learn from Ian Neil, one of the world's top CompTIA Security+ trainers, and enhance your analytical skills to pass the CompTIA Security+ SY0-501 exam
CompTIA Security+ is a core security certification that will validate your baseline skills for a career in cybersecurity. Passing this exam will not only help you identify security incidents but will also equip you to resolve them efficiently. This book builds on the popular CompTIA Security+ Certification Guide, which mirrors the SY0-501 exam pattern.
This practice test-based guide covers all six domains of the Security+ SY0-501 exam: threats, attacks, and vulnerabilities; technologies and tools; architecture and design; identity and access management; cryptography and PKI; and risk management. You’ll take six mock tests designed as per the official Security+ certification exam pattern, each covering significant aspects from an examination point of view. For each domain, the book provides a dedicated cheat sheet that includes important concepts covered in the test. You can even time your tests to simulate the actual exam. These tests will help you identify gaps in your knowledge and discover answers to tricky exam questions.
By the end of this book, you’ll have developed and enhanced the skills necessary to pass the official CompTIA Security+ exam.
If you are a security administrator, a system or network administrator, or anyone who wants to pass the CompTIA Security+ exam, this book is for you. This book is an ideal resource for students who want a career or degree in cybersecurity or are studying for the CISSP certification exam.
Ian Neil is one of the world's top trainers of Security+ 501, with the ability to break down information into manageable chunks that help learners with no background knowledge. Ian was a finalist of the Learning and Performance Institute Trainer of the Year Awards. He has worked for the US Army in Europe and designed a Security+ course that catered to people from all backgrounds and not just IT professionals, with an extremely successful pass rate. He was instrumental in helping Microsoft get their office in Bucharest off the ground, where he won a recognition award for being one of their top trainers. Ian is an MCT, MCSE, A+, Network+, Security+, CASP, and RESILIA practitioner who over the past 20 years has worked with high-end training providers.
Page count: 326
Year of publication: 2020
Copyright © 2020 Packt Publishing
All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews.
Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the author, nor Packt Publishing or its dealers and distributors, will be held liable for any damages caused or alleged to have been caused directly or indirectly by this book.
Packt Publishing has endeavored to provide trademark information about all of the companies and products mentioned in this book by the appropriate use of capitals. However, Packt Publishing cannot guarantee the accuracy of this information.
Commissioning Editor: Vijin Boricha
Acquisition Editor: Rahul Nair
Content Development Editor: Drashti Panchal
Senior Editor: Arun Nadar
Technical Editor: Komal Karne
Copy Editor: Safis Editing
Project Coordinator: Anish Daniel
Proofreader: Safis Editing
Indexer: Manju Arasan
Production Designer: Alishon Mendonsa
First published: January 2020
Production reference: 1100120
Published by Packt Publishing Ltd. Livery Place 35 Livery Street Birmingham B3 2PB, UK.
ISBN 978-1-83882-888-2
www.packt.com
Packt.com
Subscribe to our online digital library for full access to over 7,000 books and videos, as well as industry leading tools to help you plan your personal development and advance your career. For more information, please visit our website.
Spend less time learning and more time coding with practical eBooks and Videos from over 4,000 industry professionals
Improve your learning with Skill Plans built especially for you
Get a free eBook or video every month
Fully searchable for easy access to vital information
Copy and paste, print, and bookmark content
Did you know that Packt offers eBook versions of every book published, with PDF and ePub files available? You can upgrade to the eBook version at www.packt.com and as a print book customer, you are entitled to a discount on the eBook copy. Get in touch with us at [email protected] for more details.
At www.packt.com, you can also read a collection of free technical articles, sign up for a range of free newsletters, and receive exclusive discounts and offers on Packt books and eBooks.
Philip Brooker is an IT security consultant based in the United Kingdom who works with small, medium, and large enterprises in the private sector. Formerly, he worked as an IT systems administrator and project engineer. With over a decade of IT experience, Philip has achieved numerous industry certifications, including, of course, CompTIA Security+.
Francisco Gaspar is an engineer by training, cyber security architect by trade, and a team player by nature.
First and foremost, he is a geek, as he breathes technology. He has always had a special interest in robotics and AI and, more recently, has developed an interest in quantum computing. He endeavors to be a cyber security evangelist whenever he has the opportunity.
He has mentored in a program that helps people retrain to become programmers and, for the last 3 years, he has lived in Dublin, where he has been involved as a mentor in launching start-ups in a program called UpStart, at Trinity College, Dublin. This program is sponsored by CitiBank.
His most well-known public appearance was at TED, where he gave a TED talk on cyber security.
If you're interested in becoming an author for Packt, please visit authors.packtpub.com and apply today. We have worked with thousands of developers and tech professionals, just like you, to help them share their insight with the global tech community. You can make a general application, apply for a specific hot topic that we are recruiting an author for, or submit your own idea.
Title Page
Copyright and Credits
CompTIA Security+ Practice Tests SY0-501
Dedication
About Packt
Why subscribe?
Contributors
About the author
About the reviewers
Packt is searching for authors like you
Preface
Who this book is for
What this book covers
To get the most out of this book
Get in touch
Reviews
Threats, Attacks, and Vulnerabilities Practice Tests
Practice Test 1 – Open Questions – Threats, Attacks, and Vulnerabilities
Practice Test 2 – Fill The Gaps – Threats, Attacks, and Vulnerabilities
Practice Test 3 – Drag and Drops – Threats, Attacks, and Vulnerabilities
Practice Test 4 – Mock Exam 1
Cheat Sheet
Malware
Attacks – Social Engineering
Attacks – Application
Wireless Attacks
Cryptographic Attacks
Threat Actors
Penetration Testing
Vulnerability Scanning
Vulnerability Impact
Technologies and Tools Practice Tests
Practice Test 5 – Open Questions – Technologies and Tools
Practice Test 6 – Fill The Gaps – Technologies and Tools
Practice Test 7 – Drag and Drops – Technologies and Tools
Practice Test 8 – Mock Exam 2
Cheat Sheet
Access Control Lists (ACLs)
Firewalls
Network Protection
Proxy Server
Reverse Proxy
Load Balancer
SIEM System
Tools
Data Sanitization Tools
Command-Line Tools
Mobile Devices
Architecture and Design Practice Tests
Practice Test 9 – Open Questions – Architecture and Design
Practice Test 10 – Fill The Gaps – Architecture and Design
Practice Test 11 – Drag and Drop – Architecture and Design
Practice Test 12 – Mock Exam 3
Cheat Sheet
Frameworks and Guides
Defense in Depth
Secure Network
Secure Mobile Device
Applications
IoT Devices
Software Development Life Cycles
Embedded Systems
Secure Application Concepts
Cloud Models
Cloud Services
Cloud Miscellaneous
Virtualization
Resiliency and Automation
Physical Security Controls
Identity and Access Management Practice Tests
Practice Test 13 – Open Questions – Identity and Access Management
Practice Test 14 – Fill The Gaps – Identity and Access Management
Practice Test 15 – Drag and Drop – Identity and Access Management
Practice Test 16 – Mock Exam 4
Cheat Sheet
Authentication Factors
Federation Services
AAA
Authentication Types
Account Types
Account Policy Enforcement
Access Control Models
Physical Access Control
Biometrics
General Concepts
Cryptography and PKI Practice Tests
Practice Test 17 – Open Questions – Cryptography and PKI
Practice Test 18 – Fill The Gaps – Cryptography and PKI
Practice Test 19 – Drag and Drop – Cryptography and PKI
Practice Test 20 – Mock Exam 5
Cheat Sheet
Certificate Hierarchy
Certificate Validation
Private Keys
Public Keys
Trust Models
Miscellaneous
Cryptographic Algorithms
Symmetric Encryption
Asymmetric Encryption
Ephemeral Key
Hashing
Key Stretching
Basic Cryptographic Concepts
Wireless Security – Low to High
Wireless Authentication
Risk Management
Practice Test 21 – Open Questions – Risk Management
Practice Test 22 – Fill The Gaps – Risk Management
Practice Test 23 – Drag and Drops – Risk Management
Practice Test 24 – Mock Exam 6
Cheat Sheet
Risk Treatments
Risk Assessment
Personnel Management
Business Impact Analysis
Forensics
Recovery Sites
Data Destruction
Assessment
Chapter 1: Threats, Attacks, and Vulnerabilities Practice Tests
Practice Test 1 – Solution
Practice Test 2 – Solution
Practice Test 3 – Solution
Practice Test 4 – Mock Exam 1 – Solution
Chapter 2: Technologies and Tools Practice Tests
Practice Test 5 – Solution
Practice Test 6 – Solution
Practice Test 7 – Solution
Practice Test 8 – Mock Exam 2 – Solution
Chapter 3: Architecture and Design Practice Tests
Practice Test 9 – Solution
Practice Test 10 – Solution
Practice Test 11 – Solution
Practice Test 12 – Mock Exam 3 – Solution
Chapter 4: Identity and Access Management Practice Tests
Practice Test 13 – Solution
Practice Test 14 – Solution
Practice Test 15 – Solution
Practice Test 16 – Mock Exam 4 – Solution
Chapter 5: Cryptography and PKI Practice Tests
Practice Test 17 – Solution
Practice Test 18 – Solution
Practice Test 19 – Solution
Practice Test 20 – Mock Exam 5 – Solution
Chapter 6: Risk Management
Practice Test 21 – Solution
Practice Test 22 – Solution
Practice Test 23 – Solution
Practice Test 24 – Mock Exam 6 – Solution
Other Books You May Enjoy
Leave a review - let other readers know what you think
CompTIA Security+ is a worldwide certification that establishes the fundamental knowledge required to perform core security functions and pursue an IT security career. This book consists of practice tests in four different formats to prepare you for becoming certified.
Individuals who will benefit from this book include military personnel and DOD civilians who require this certification for their job role. It is a great resource for those students who wish to gain employment/a degree in cyber security or who are preparing to gain a baseline before embarking on the CISSP certification.
Chapter 1, Threats, Attacks, and Vulnerabilities Practice Tests, contains four different format practice tests, including a mock exam.
Chapter 2, Technologies and Tools Practice Tests, contains four different format practice tests, including a mock exam.
Chapter 3, Architecture and Design Practice Tests, contains four different format practice tests, including a mock exam.
Chapter 4, Identity and Access Management Practice Tests, contains four different format practice tests, including a mock exam.
Chapter 5, Cryptography and PKI Practice Tests, contains four different format practice tests, including a mock exam.
Chapter 6, Risk Management, contains four different format practice tests, including a mock exam.
Students using this book should have completed a course of instruction or read a CompTIA study guide for the CompTIA Security+ 501 exam. A book that complements this practice test book is the CompTIA Security+ Certification Guide (https://www.packtpub.com/in/networking-and-servers/comptia-security-certification-guide), written by Ian Neil.
Feedback from our readers is always welcome.
General feedback: If you have questions about any aspect of this book, mention the book title in the subject of your message and email us at [email protected].
Errata: Although we have taken every care to ensure the accuracy of our content, mistakes do happen. If you have found a mistake in this book, we would be grateful if you would report this to us. Please visit www.packtpub.com/support/errata, selecting your book, clicking on the Errata Submission Form link, and entering the details.
Piracy: If you come across any illegal copies of our works in any form on the internet, we would be grateful if you would provide us with the location address or website name. Please contact us at [email protected] with a link to the material.
If you are interested in becoming an author: If there is a topic that you have expertise in, and you are interested in either writing or contributing to a book, please visit authors.packtpub.com.
Please leave a review. Once you have read and used this book, why not leave a review on the site that you purchased it from? Potential readers can then see and use your unbiased opinion to make purchase decisions, we at Packt can understand what you think about our products, and our authors can see your feedback on their book. Thank you!
For more information about Packt, please visit packt.com.
One of the most crucial areas that a security professional needs to understand is the types of attack that exist and the ways in which they can be mitigated so that your company is less vulnerable. The CompTIA exam breaks this examination topic into different areas.
The first area we look at is the types of malware that exist, such as basic viruses, worms, trojans, ransomware, adware, spyware, rootkits, keyloggers, logic bombs, and backdoors.
Next, we will compare and contrast the different types of attacks. This area is immense. We will also look at the different types of social engineering attacks, where the individual is seen as the weak link that the attacker will try to exploit. These attacks include phishing, spear phishing, whaling, vishing, tailgating, impersonation, dumpster diving, shoulder surfing, hoaxes, and watering-hole attacks. IT professionals also need to be familiar with the social engineering principles that make these attacks effective, such as authority, intimidation, consensus, and urgency.
We are also going to look at application and service attacks, such as DoS, DDoS, man-in-the-middle, buffer overflow, integer overflow, SQL injection, XSS, XSRF, amplification, DNS poisoning, ARP poisoning, domain hijacking, zero-day, replay, and pass-the-hash attacks. We will also be looking at hijacking and related attacks, such as clickjacking, session hijacking, typosquatting, and driver manipulation, as well as wireless attacks, including evil twin, rogue access point, jamming, WPS, bluejacking, bluesnarfing, RFID, NFC, and disassociation attacks. No exam would be complete without cryptographic attacks, such as birthday, rainbow-table, dictionary, brute-force, collision, and downgrade attacks.
You need to know and identify the motivations of the threat actors that you will face, ranging from the script kiddie with little knowledge to the politically motivated hacktivist, nation-states, advanced persistent threats, competitors, and the most dangerous of all, the malicious insider. Every security professional needs to understand penetration testing, which can be intrusive and cause damage, including black-, white-, and gray-box testing, as well as vulnerability scanning concepts such as non-credentialed and credentialed scans, false positives, and real-time monitoring. We also need to look at the impact of vulnerabilities, such as race conditions, end-of-life systems, lack of vendor support, default configurations, untrained users, error handling and configuration errors, undocumented assets, zero-day viruses, and key management.
This publication is not a study guide, but gives you additional examination revision material so that your knowledge base can be at its highest when you take the test. Everyone learns differently, and hopefully, with four different formats, everyone will be catered for.
Before you begin each set of tests, keep a sheet of paper to hand and write down the areas that you get wrong or are guessing at; this will help you identify the weak areas that you need to revise before testing.
After the test, there is a Cheat Sheet section, containing a shortened version of the most relevant information that you need to know to pass this test.
Start off by answering the questions that you have the knowledge base to answer, then on a separate list write down the questions that you do not know the answers to, because you need to revise those areas before testing:
1. What type of virus produces a different hash as it replicates through your network?
2. What type of attack can use a hidden password that has been in place since the application was installed?
3. What type of attack involves an attacker targeting a high-level executive by calling them on the telephone and leaving a voicemail?
4. What type of attack involves a huge fireman arriving in the reception area of your company and you letting him into your server room?
5. What type of attack involves downloading a performance-enhancing computer program that says that I have 20,000 exploits and that I should purchase the full version of the product to remove them?
6. What type of attack collects passwords from your computer and sends them back to the hacker who then uses these passwords to gain access to your computer system?
7. What type of attack cannot be detected by a NIPS, NIDS, firewall, or a SIEM system, but can only be detected by using baselines?
8. An employee leaves the company, then three months later, files are deleted from a file server, even though it has been isolated from the network. On investigation, it was found that the damage was caused by a script being launched. What type of attack was carried out?
9. What type of attack is a stealth attack that tracks your internet habits and usage?
10. What type of attack uses multiple popups as its attack vector?
11. What type of attack infects a well‐known, trusted website where the users do not suspect anything?
12. What type of attack is launched against a manager using email as its attack medium?
13. What type of attack is launched against managers using email as its attack medium?
14. A company is employing a third party to collect all of its shredded waste that will then be taken to a remote site and incinerated. What type of attack does this prevent?
15. What type of attack is launched when you receive an email from the CEO threatening you with disciplinary action if you do not complete a form that was requested earlier by the human resources department (you don't remember the earlier correspondence)?
16. You have just started working at the reception desk of a multinational corporation. During your induction period, one of the middle managers asks your coworker for some information. You are not too sure if he is entitled to that information. The next day, when your coworker has gone to lunch, the middle manager arrives asking you for the same information, this time updated a little. You don't want to be seen as different from other employees, and so you give him the information. What type of attack has just been launched?
17. The CEO has received an email asking him to click on a link and carry out an action so that his salary information can be updated, as the company is moving to a new financial system. What type of attack has just been launched?
18. What type of attack can be launched using HTML tags and/or JavaScript?
19. When might an intrusive scan be used, and could it cause any damage to the system?
20. Five seconds after connecting to the company's wireless network, the sessions drop. What type of wireless attack have I been the victim of?
21. A hacker has managed to gain access to my Bluetooth phone and has been texting all of my friends, announcing that I am going to get married next year. This information is false. What type of attack has just been carried out?
22. A hacker has managed to gain access to my Bluetooth phone and has been able to steal my contact information. What type of attack has been carried out?
23. What type of attack is an interception attack where the data has been replayed immediately?
24. What type of attack is an interception attack where the data has been replayed at a later date?
25. What types of attack might use port 1900 and port 5000? Name two.
26. I receive a call from my bank saying that they need to move my account to an interest-bearing account, and ask me to go through the application process. They ask me for my account details and direct me to choose a new online password. They need my old password for account verification. What type of attack has been carried out?
27. In the morning, I swipe my card and open the door to the main offices. I am about to close the door when I see a young lady struggling with a big box, and so I keep the door open for her. What type of attack has just occurred?
28. The customer service desk receives a call from Frank, who says he is from the IT help desk. He says there is a glitch in the system, so they are having to change everyone's passwords. I change my password and ask Helen from the HR department how long Frank has been working for the company. She says that she is not aware of someone called Frank who works at the help desk. What type of attack has just occurred?
29. What type of attack is it when a group of infected computers attacks another computer to render it unusable?
30. I went to the ATM to withdraw some cash to purchase a new pair of shoes from a local market stall that only accepts cash. I was unaware that the person standing behind me had taken his cell phone out and was using the video to record my transaction. What type of attack has been carried out?
31. An attacker has inserted too much data into a data field on a web form causing it to crash. What type of attack has just occurred?
32. What type of attack uses the phrase 1=1? What are the two best solutions to prevent this attack?
33. My website traffic is being controlled by a load balancer that is ensuring that each web request is going to the least-utilized host. A DDoS attack is now being launched against the company websites. What is the best way to deal with this attack? Will the load balancer cope?
34. When I go to my local coffee shop, I am given the wireless network SSID and access code so I can use the internet while drinking coffee. When I sit down at my table, I notice that the SSID comes up, and when I connect to the wireless network, I am not asked for a password. What type of attack has just occurred?
35. How can I protect my network from someone who wants to connect a rogue access point to it?
36. What type of attack interferes with my wireless network?
37. My laptop had a virus, so I reinstalled the operating system and the virus came back. What type of attack is causing this?
38. My domain controller uses NTLM authentication. What type of attack makes it vulnerable?
39. Someone goes to the dark web and purchases a program that he can modify to carry out an attack. What type of threat actor is the attacker?
40. An attacker has just carried out an attack rendering a website unusable. When he has finished the attack, he then has to rush off, as he is going to attend a political rally. What type of threat actor is he?
41. What is the most difficult threat actor to detect and why?
42. What type of threat actor will try to steal your trade secrets so that they can manufacture your new product and get it to market before you can?
43. An attacker has managed to gain access to your corporate network through a host that was not fully patched. Once he gained access to that host, he then launched an attack on your SQL database server so that he could steal your customers' credit card details. What type of technique did the attacker adopt?
44. Your company has contracted a third party to carry out penetration testing to identify any weaknesses in your system, as you recently had it upgraded. You have given them no information except a small diagram of a remote part of your network. What type of penetration test is being carried out?
45. Why would a white-box penetration tester who knows everything about your network and applications adopt a technique called fuzzing when testing a new application?
46. How much information should a black-box penetration tester be given and what would be the first technique that he should adopt?
47. How do penetration testing and vulnerability scanning differ?
48. If I had an end-of-life controller for my HVAC system, but could not afford to replace it for another four months, how might I mitigate the risk that it poses?
49. You are the Chief Information Security Officer (CISO) for a large multinational corporation and you are going to write a policy for the website developer to control any errors that come from the website. How will you describe the errors that the users receive and those errors that the IT support team receives?
50. You have an older monitoring system that is not detecting any new vulnerabilities, but the security team informs you that data has been exfiltrated. What is it called when the monitoring system is not detecting attacks?
51. Your security team has informed you that the CPU usage on the SQL server is running at 100%. Which vulnerability is it suffering from and how can you mitigate it?
52. What type of attack launches directed IP broadcasts to the border router where the victim is overloaded with the resulting ping replies? What can you do to mitigate this attack?
53. What type of attack redirects you from a legitimate website and sends you to a fraudulent website?
54. What is the purpose of DNSSEC, what records does it produce, and what type of attack does it prevent?
55. What type of attack involves your cookies being copied onto a different computer to launch an attack?
56. When would a typosquatting attack be performed?
57. A hacker has gone to the dark web and has obtained a 690-GB rainbow table. What are they intending to do with this table and what is the table comprised of?
58. What is the best way to avoid someone cracking your password if they intend to use a dictionary attack as the attack vector? Name two examples.
59. What is the purpose of a brute-force attack and what is the only way to prevent it?
60. What can I do to stop users in my company from storing duplicate passwords and at the same time slow down brute-force attacks?
Fill-the-gaps questions really test your knowledge base, and can be quite vague at times. In the CompTIA Security+ examination, some of the test questions can also be quite vague, hence the value of this section.
Complete the answers that you can, then make a list of those topics that you are getting wrong, as you need to revise these areas before you take the test. Best of luck.
In the following questions, fill in the gaps to complete each statement. Each underlined section of the sentence represents one word—for example, ___________ means that one word is missing, and ________ ___________ means that two words are missing:
1. A __________ _________ attack is where an attacker gains the same level of authorization as the administrator.
2. _____________ is wireless authentication that starts off by inserting a password, meaning that you only need to press a button to gain access to the wireless network.
3. ___________ ___________ is where an attacker will ring up a help desk and ask them to reset the password for a user account.
4. A ___________ is where an attacker will ask you to look into the Windows\System32 folder to find an icon, such as a bear. If you find this icon, they will then ask you to delete the bear, as it is a virus. But when you do this, you will, in fact, delete a system file.
5. XSS targets _________, while remote exploits target ______ ______ .
6. Digital signatures are susceptible to a ___________ _______, a hash-collision attack.
7. A ________ attack is an interception attack where the data is forwarded at a later time and can be prevented by using Kerberos authentication that uses updated sequence numbers and timestamps.
8. An auditor discovers that 50 new desktops have not been hardened properly, and puts it down to the fact that __________ ___________ had not been implemented early in the deployment.
9. __________ and _________ are both used for driver manipulation.
10. My airplane was delayed and my free time on the wireless captive portal expired. I can use ________ _______ to bypass the captive portal for another session of free wireless access.
11. A ___‐_____________ vulnerability scan can find only missing patches.
12. A ____________ vulnerability scan has the ability to audit files and find account vulnerabilities.
13. A CEO instructs the finance team to urgently send payment to ABC Limited just before he boards an aircraft on a transatlantic flight. This is an example of a social engineering ___________ and a __________ attack.
14. An ______‐__________ vulnerability scan will not cause damage to the computer system.
15. ______ _______ ___________ is a wireless payment system that only works from close range.
16. An HVAC system that is no longer supported by the manufacturer is known as _____ of __.
17. A ______ ___________ is where a monitoring system tells me that an exploit has been found on the system, but when a manual inspection is done, nothing is found.
18. A __________ virus accesses a computer system by using a password that has been there since the installation of the application.
19. ___________ _______________ is where an attacker will visit a company's website and social media websites to collect information about the company.
20. A _________ _____ can be used to stop data-processing emissions being intercepted by a third party.
21. Changing the _________ _____________ and preventing IoT devices from directly accessing the _________ will help protect home networks from attacks.
22. When a system has come to the end of its life, the vendor will have a lack of _________ ____________.
23. ________ ________ threat actors have a level of sophistication and provide advanced persistent threats.
24. ____________ __________ can cause your internet bandwidth to be reduced and your server disk space to decrease.
25. _____ is the most insecure method of wireless security and should never be used, as it can be easily attacked.
26. __________ ________ threat actors are motivated by profits and may use blackmail.
27. ______ ________ ___________ can be sourced from publicly available intelligence sources.
28. ______ ____________ prevents SQL injection, buffer overflow, and integer overflow attacks.
29. A company keeps the keys to all of the offices in the reception area and the workers sign the keys in and out each day. This is known as ____ ______________, and it prevents people from taking the keys home with them.
30. The policy of a company is to change the ________ ______________ of any new device that they purchase to ensure that it is more secure.
31. _____ _______ suites are where the key size is less than 1024 bits, and should be avoided.
32. The Stuxnet virus is an example of a ___________ threat as it infected a computer system for about two years before it was discovered.
33. _____‐______ is the strongest form of wireless security.
34. _______ ___________ is what a pen tester will carry out first, based on the information they have.
35. A store had small devices stolen over the last three months. They rolled out _______ to prevent the small devices from leaving the store undetected.
36. Using SSL instead of TLS for data in transit could lead to a POODLE attack that is known as a ___________ attack.
37. To protect data in transit, you should use encryption where plaintext is changed to ___________.
38. An attacker will try and log into your control panel to launch a ________ __________ attack.
39. A ___‐__‐____‐_______ attack is where a previously installed trojan intercepts your online banking transactions without changing the bank's URL.
40. Both smurf attacks and DDoS attacks are known as _________ attacks.
41. _______ ________ password attacks try every available combination of characters and can be stopped by using an account lockout or by salting the password using bcrypt or PBKDF2.
42. A _____‐____ ________ ________ attack is where a user is logged into a legitimate website and clicks on a link where an embedded program is located. This is also known as a one‐click attack, XRSF, or CSRF.
43. A __________ attack uses a legitimate website with links—for example, a Like button, a Share button, a free trial, or an Isn't This Funny? link.
44. A ____ ___________ is where two threads access the same data at the same time and either cause the computer to crash or give an illegal operation error.
45. _________ __________ is where an arithmetic calculation exceeds the maximum size an application can accept. It can be mitigated by using input validation.
46. _________ prevents duplicate passwords from being stored and slows down brute-force attacks.
47. ____________ _______ on your network will not be patched and could be used for pivoting as they become vulnerable.
48. __________ _____ could inadvertently violate security policies and become vulnerable to a cybercrime or phishing attack.
49. __________ _______ is where proprietary code is tested by a consultant for security flaws.
50. ______ ______ of failure is where one person, device, or service could cause damage to the company's systems if it failed.
I suggest using two different-colored pens: blue or black for answers that are easy for you to identify and a red or different-colored pen for answers that you are unsure of. This way, you can identify your strong and weak areas.
Place the answers into the relevant answer boxes in the following table, starting with the answers that you can easily identify. Make a list of those that you cannot answer on your first time through, as you need to revise those areas. Then use logic to answer the remaining questions.
Insert the phrases at the end of this section into the appropriate answer boxes in the following table. Each phrase can only be used once:
Description
Answer
The trial software found exploits, but you need to buy the full package
More data is inserted into an application than expected
The reason why we shred and burn data is to prevent ...
Someone standing behind you records your ATM transaction by using a smartphone
A USB drive plugged into the back of your desktop logs keystrokes
This generates multiple popups
You have reinstalled the operating system, but this virus is still there
An attack on the CEO or a high‐level executive
Someone willing to steal your trade secrets
No knowledge or information is given to you
Prevents pass-the-hash attacks
An untraceable virus
May cause harm to your system
An attack on everyone using a popular trusted website
Complete wireless payment transactions
Obtains a program from the dark web
Redirects the user to a fraudulent website
Listening to a conversation
The first stage after purchasing an IoT device, change the ...
CPU running at 100% is a sign of …
An email sent to the Board of Directors
Purchasing fake software from a website
An attack using the phrase 1=1
Hacktivist motivation
Prevents SQL injection, buffer overflow, and integer overflow
Use the following options to fill in the blank boxes in the preceding table:
Black-box pen tester
Watering-hole attack
Hoax
Ransomware
Script kiddie
DNS poisoning
SQL injection
Near field communication
Political cause
Buffer overflow
Input validation
Spear phishing
Passive reconnaissance
Dumpster diving
Resource exhaustion
Shoulder surfing
Keylogger
Default configuration
Adware
Rootkit
Whaling
Competitor
Kerberos
Zero‐day virus
Intrusive scan
Start off the mock exam with a clean sheet of paper and note down the questions that you cannot answer or are guessing at, because you need to revise those areas. When you take this test, follow these instructions:
DO:
Read the questions carefully; do not scan. Draw diagrams on questions you are unsure of.
Rule out the wrong answers to leave the correct answer.
When you narrow the answers down to two possible answers, you have a 50–50 chance of being right. Read the question again and look for the finer details that will give one of those options a 60–40 chance of being right.
Flag up for review (in the top-right of the screen) the questions that you don't like. Do not answer them, as the review screen will show those items in red. Don't waste time trying to work them out at this stage.
Before ending your review, go down the columns from left to right and ensure that all questions have an answer.
At the end, check all of the questions' answers and finish the exam.
DON'T:
Scan through the questions, especially if English is your first language
Second-guess yourself
Change answers
Reread the whole exam if you have spare time
Answer the following questions:
1. You are the Chief Information Security Officer (CISO