Security+® Practice Tests - Mike Chapple - E-Book

Security+® Practice Tests E-Book

Mike Chapple

Description

Ace the CompTIA Security+ exam with over 700 practice exam questions written using the style and format of the Security+ exam

Key Features

  • Get a detailed breakdown of the type of questions and the exam environment
  • Discover a step-by-step process that guides you through the study process week-by-week
  • Reinforce your learning by solving 100 questions for each domain

Book Description

Security+ certification is the most popular entry-level certification for cybersecurity professionals. It has no work experience requirement, making it accessible to everyone willing to put in the time to prepare for the exam. Security+® Practice Tests are the perfect tools to prepare for the CompTIA Security+ exam.

The first six chapters each cover one of the six Security+ domains. Each of those chapters contains around 100 practice test questions covering the material from that domain. The last two chapters each contain a full-length Security+ practice test that's designed to assess your readiness to take the actual test. At the end of each chapter, you'll find the answers to all of the questions along with detailed explanations to help reinforce your learning of the material.

By the end of the book, you'll have enough practice to easily ace the CompTIA Security+ exam.

What you will learn

  • Familiarize yourself with the format of the Security+ exam
  • Target your test preparation on each of the Security+ domains
  • Brush up on your understanding by testing yourself on realistic practice questions
  • Discover areas for improvement by comparing your responses to the answers provided
  • Measure your readiness with full-length practice tests
  • Know what to expect on test day
  • Learn helpful strategies for tackling the different question types

Who this book is for

This book is designed for service desk analysts, system support engineers, and other IT professionals who want to start their career in managing the IT infrastructure of an organization. Basic knowledge of hardware, software, and other relevant components of the IT industry will help you easily grasp the concepts explained in this book.

Page count: 402

Year of publication: 2019




Security+® Practice Tests

Prepare for, practice, and pass the CompTIA Security+ exam

Mike Chapple

Security+® Practice Tests

Copyright © 2018 Mike Chapple. All rights reserved.

No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without prior written permission, except in the case of brief quotations embedded in critical articles or reviews.

The information contained in this book is sold without warranty, either express or implied. Neither the authors, nor Packt Publishing, and its dealers and distributors will be held liable for any damages caused or alleged to be caused directly or indirectly by this book.

Author: Mike Chapple

Managing Editor: Snehal Tambe

Acquisitions Editor: Bridget Neale

Production Editor: Samita Warang

Editorial Board: Shubhopriya Banerjee, Bharat Botle, Ewan Buckingham, Megan Carlisle, Simon Cox, Mahesh Dhyani, Manasa Kumar, Alex Mazonowicz, Dominic Pereira, Shiny Poojary, Abhishek Rane, Erol Staveley, Ankita Thakur, Nitesh Thakur, and Jonathan Wray

First Published: October 2019

Production Reference: 1301019

ISBN: 978-1-83921-346-5

Published by Packt Publishing Ltd.

Livery Place, 35 Livery Street

Birmingham B3 2PB, UK

Table of Contents

Preface

1. Threats, Attacks, and Vulnerabilities

Domain 1 Questions

Domain 1 Answers and Explanations

2. Technologies and Tools

Domain 2 Questions

Domain 2 Answers and Explanations

3. Architecture and Design

Domain 3 Questions

Domain 3 Answers and Explanations

4. Identity and Access Management

Domain 4 Questions

Domain 4 Answers and Explanations

5. Risk Management

Domain 5 Questions

Domain 5 Answers and Explanations

6. Cryptography and PKI

Domain 6 Questions

Domain 6 Answers and Explanations

7. Practice Exam 1

Practice Exam 1 Questions

Practice Exam 1 Answers and Explanations

8. Practice Exam 2

Practice Exam 2 Questions

Practice Exam 2 Answers and Explanations

Preface

About

This section briefly introduces the authors, the coverage of this book, and the technical skills you'll need to get started.

About the Book

Security+ certification is the most popular entry-level certification for cybersecurity professionals. It has no work experience requirement, making it accessible to anyone willing to put in the time to prepare for the exam. Security+® Practice Tests is the perfect tool to prepare for the CompTIA Security+ exam.

The first six chapters each cover one of the six Security+ domains. Each of these chapters contains around 100 practice test questions covering the material from that domain. The final two chapters each contain a full-length Security+ practice test that's designed to assess your readiness to take the actual test. At the end of each chapter, you'll find the answers to all of the questions along with detailed explanations to help reinforce your learning of the material. 

By the end of the book, you'll have enough practice to easily ace the CompTIA Security+ exam.

About the Author

Mike Chapple holds the CISSP, CySA+, CISM, PenTest+ and Security+ certifications and has helped thousands of students earn their own certifications through his books, courses, and practice tests. On the CISSP front, Mike is the author of the Official (ISC)2 CISSP Study Guide, Official (ISC)2 CISSP Practice Tests and LinkedIn's CISSP video training series. In the Security+ space, Mike developed the LinkedIn Learning Security+ training series. Mike also authored the CySA+ Study Guide from Sybex and is the author of the book CySA+ Practice Tests and the LinkedIn CySA+ video training series. Mike has 20 years of experience as an educator, author, and hands-on practitioner in cybersecurity across the public and private sectors. He began his career as an information security research scientist with the U.S. National Security Agency. Mike then went into private industry as the Chief Information Officer of the Brand Institute. He currently serves as a faculty member at the University of Notre Dame, specializing in cybersecurity and business analytics.

Learning Objectives

By the end of this book, you will be able to:

  • Familiarize yourself with the format of the Security+ exam
  • Target your test preparation on each of the Security+ domains
  • Brush up on your understanding by testing yourself on realistic practice questions
  • Discover areas for improvement by comparing your responses to the answers provided
  • Measure your readiness with full-length practice tests
  • Know what to expect on test day
  • Learn helpful strategies for tackling the different question types

Audience

This book is designed for service desk analysts, system support engineers, and other IT professionals who want to start their career in managing the IT infrastructure of an organization. Basic knowledge of hardware, software and other relevant components of the IT industry will help you easily grasp the concepts explained in this book.

Approach

The questions in this book are written using the style and format of the Security+ exam. The structure of the book enables you to study effectively. At the end of each chapter, you'll find the answers to all of the questions along with detailed explanations to help reinforce your learning of the material.

Conventions

New terms and important words in the book are highlighted in bold as follows: "A business partnership agreement (BPA) spells out the relationship between two organizations that are entering into a joint venture or other partnership."

1. Threats, Attacks, and Vulnerabilities

Domain 1 Questions

After conducting a vulnerability scan of her network, Wendy discovered the issue shown here on several servers. What is the most significant direct impact of this vulnerability?

Figure 1.1

A. Attackers may eavesdrop on network communications.

B. Attackers may use this information to gain administrative privileges.

C. Encryption will not protect credentials for this account.

D. Automated attacks are more likely to succeed.

Pete is investigating a domain hijacking attack against his company that successfully redirected web traffic to a third-party website. Which one of the following techniques is the most effective way to carry out a domain hijacking attack?

A. ARP poisoning

B. Network eavesdropping

C. DNS poisoning

D. Social engineering

Which one of the following characters is the most important to restrict when performing input validation to protect against XSS attacks?

A. <

B. !

C. $

D. '

Darren is investigating an attack that took place on his network. When he visits the victim's machine and types www.mybank.com into the address bar, he is directed to a phishing site designed to look like a legitimate banking site. He then tries entering the IP address of the bank directly into the address bar and the legitimate site loads. What type of attack is likely taking place?

A. IP spoofing

B. DNS poisoning

C. ARP spoofing

D. Typosquatting

Which one of the following technologies must be enabled on a wireless network for a Pixie Dust attack to succeed?

A. SSID broadcasting

B. WPS

C. WPA

D. WEP

During forensic analysis, Drew discovered that an attacker intercepted traffic headed to networked printers by modifying the printer drivers. His analysis revealed that the attacker modified the code of the driver to transmit copies of printed documents to a secure repository. What type of attack took place?

A. Refactoring

B. Shimming

C. Swapping

D. Recoding

What type of scan can best help identify cases of system sprawl in an organization?

A. Database scan

B. Web application scan

C. Detailed scan

D. Discovery scan

Scott is reviewing a list of cryptographic cipher suites supported by his organization's website. Which one of the following algorithms is not secure and may expose traffic to eavesdropping attacks?

A. ECC

B. 3DES

C. AES

D. DES

Brenda is selecting the tools that she will use in a penetration test and would like to begin with passive techniques. Which one of the following is not normally considered a passive reconnaissance technique?

A. Social engineering

B. Wireless network eavesdropping

C. Open source intelligence

D. Domain name searches

Scott is a security administrator for a federal government agency. He recently learned of a website that advertises jobs for former government employees. When he accessed the site, the site launched code in his browser that attempted to install malicious software on his system. What type of attack took place?

A. Denial of service

B. Watering hole

C. Spyware

D. Trojan horse

Paul received an email warning him that a new virus is circulating on the internet and that he needs to apply a patch to correct the problem. The message is branded with a Microsoft header. The virus message is actually a hoax and the patch contains malicious code. What principle of social engineering best describes what the attacker is trying to exploit by including the Microsoft header?

A. Consensus

B. Scarcity

C. Trust

D. Intimidation

Kristen conducts a vulnerability scan against her organization's network and discovers a file server with the vulnerability shown here. Which one of the following actions is the best way to remediate this vulnerability?

Figure 1.2

A. Discontinue the file transfer service

B. Require strong passwords

C. Switch to SFTP

D. Require multifactor authentication

Frank is the new CISO at a mid-sized business. Upon entering his role, he learns that the organization has not conducted any security training for their sales team. Which one of the following attacks is most likely to be enabled by this control gap?

A. Buffer overflow

B. Social engineering

C. Denial of service

D. ARP poisoning

After conducting security testing, Bruce identifies a memory leak issue on one of his servers that runs an internally developed application. Which one of the following team members is most likely able to correct this issue?

A. Developer

B. System administrator

C. Storage administrator

D. Security analyst

Greg recently detected a system on his network that occasionally begins sending streams of TCP SYN packets to port 80 at a single IP address for several hours and then stops. It later resumes, but directs the packets to a different address. What type of attack is taking place?

A. Port scanning

B. DDoS

C. IP scanning

D. SQL injection

During a security assessment, Ryan learns that the Accounts Receivable department prints out records containing customer credit card numbers and files them in unlocked filing cabinets. Which one of the following approaches is most appropriate for resolving the security issues this situation raises?

A. Physically secure paper records

B. Encrypt sensitive information

C. Modify business process

D. Monitor areas containing sensitive records

Jaime is concerned that users in her organization may fall victim to DNS poisoning attacks. Which one of the following controls would be most helpful in protecting against these attacks?

A. DNSSEC

B. Redundant DNS servers

C. Off-site DNS servers

D. Firewall rules

Irene is reviewing the logs from a security incident and discovers many entries in her database query logs that appear similar to the ones shown here. What type of attack was attempted against her server?

Figure 1.3

A. Error-based SQL injection

B. Timing-based SQL injection

C. TOC/TOU

D. LDAP injection

Carl is concerned that his organization's public DNS servers may be used in an amplification attack against a third party. What is the most effective way for Carl to prevent these servers from being used in an amplification attack?

A. Disable open resolution

B. Block external DNS requests

C. Block internal DNS requests

D. Block port 53 at the firewall

What is the purpose of a DNS amplification attack?

A. Resource exhaustion

B. Host redirection

C. Record poisoning

D. Man-in-the-middle attack

Angie is investigating a piece of malware found on a Windows system in her organization. She determines that the malware forced a running program to load code stored in a library. What term best describes this attack?

A. DLL injection

B. SQL injection

C. Pointer dereference

D. Buffer overflow

Which one of the following threat sources is likely to have the highest level of sophistication?

A. Organized crime

B. Hacktivist

C. APT

D. Script kiddie

In which of the following types of penetration test does the attacker not have any access to any information about the target environment prior to beginning the attack?

A. Grey box

B. White box

C. Red box

D. Black box

Bill is securing a set of terminals that are being used to access a highly sensitive web application. He would like to protect against a man-in-the-browser attack. Which one of the following actions would be most effective in meeting Bill's goal?

A. Disabling browser extensions

B. Requiring multifactor authentication

C. Requiring TLS encryption

D. Disabling certificate pinning

Kevin runs a vulnerability scan on a system on his network and identifies a SQL injection vulnerability. Which one of the following security controls is likely not present on the network?

A. TLS

B. DLP

C. IDS

D. WAF

Maureen is implementing TLS encryption to protect transactions that are being run against her company's web services infrastructure. Which one of the following cipher suites would not be an appropriate choice?

A. AES256-CCM

B. ADH-RC4-MD5

C. ECDHE-RSA-AES256-SHA384

D. DH-RSA-AES256-GCM-SHA384

Val runs a vulnerability scan of her network and finds issues similar to the one shown here on many systems. What action should Val take?

Figure 1.4

A. Immediately replace all certificates

B. Conduct a risk assessment

C. No action is necessary

D. Replace certificates as they expire

Barry would like to identify the mail server being used by an organization. Which one of the following DNS record types identifies a mail server?

A. MX

B. A

C. CNAME

D. SOA

Gina runs a vulnerability scan of a server in her organization and receives the results shown here. What corrective action could Gina take to resolve these issues without disrupting the service?

Figure 1.5

A. Update RDP encryption

B. Update HTTPS encryption

C. Disable the network port

D. No action is necessary

Carl is a help desk technician and received a call from an executive who received a suspicious email message. The content of the email appears as follows. What type of attack most likely took place?

Figure 1.6

A. Whaling

B. Spear phishing

C. Vishing

D. Phishing

Dan is a cybersecurity analyst. Each day, he retrieves log files from a wide variety of security devices and correlates the information they contain, searching for unusual patterns of activity. What security control is likely lacking in Dan's environment?

A. Firewall management tools

B. IPS

C. SIEM

D. NAC

Which one of the following security controls would be MOST effective in combatting buffer overflow attacks?

A. IDS

B. VPN

C. DLP

D. ASLR

Mary believes that her network was the target of a wireless networking attack. Based upon the Wireshark traffic capture shown here, what type of attack likely took place?

Figure 1.7

A. Disassociation

B. IV accumulation

C. Replay

D. Bluesnarfing

Gary is concerned about the susceptibility of his organization to phishing attacks. Which one of the following controls will best defend against this type of attack?

A. Encryption

B. User training

C. Firewall

D. Background checks

In which one of the following types of spoofing attack is the attacker often able to establish two-way communication with another device?

A. Email spoofing

B. MAC spoofing

C. IP spoofing

D. RFID spoofing

Rob is conducting a penetration test against a wireless network and would like to gather network traffic containing successful authentication attempts, but the network is not heavily trafficked and he wants to speed up the information gathering process. What technique can he use?

A. Replay

B. Brute force

C. Rainbow table

D. Disassociation

Joe considers himself a hacker but generally does not develop his own exploits or customize exploits that have been developed by others. Instead, he downloads exploits from hacker sites and attempts to apply them to large numbers of servers around the internet until he finds one that is vulnerable. What type of hacker is Joe?

A. 31337 h4x0r

B. APT

C. Script kiddie

D. Penetration tester

Julie is beginning a penetration test against a client and would like to begin with passive reconnaissance. Which one of the following tools may be used for passive reconnaissance?

A. Metasploit

B. Nmap

C. Nessus

D. Aircrack-ng

Jake is responsible for the security of his organization's digital certificates and their associated keys. Which one of the following file types is normally shared publicly?

A. PEM file

B. CRT file

C. CSR file

D. KEY file

Which one of the following malware tools is commonly used by attackers to escalate their access to administrative privileges once they have already compromised a normal user account on a system?

A. Bot

B. Rootkit

C. RAT

D. Logic bomb

Paul has detected the vulnerability shown here in one of his systems. He has several other high priority projects waiting for his attention and needs to prioritize this issue. What should he do?

Figure 1.8

A. Immediately prioritize the remediation of this vulnerability over all other tasks.

B. Take no action.

C. Complete the pressing tasks on his current projects and then correct this vulnerability.

D. Hire a vendor to remediate the vulnerability.

Gary recently gained access to a salted and hashed password file from a popular website and he would like to exploit it in an attack. Which one of the following attacks would be most productive if the website has a password policy requiring complex passwords?

A. Offline brute force

B. Online brute force

C. Dictionary

D. Rainbow table

Vivian is investigating a website outage that brought down her company's e-commerce platform for several hours. During her investigation, she noticed that the logs are full of millions of connection attempts from systems around the world, but those attempts were never completed. What type of attack likely took place?

A. Cross-site scripting

B. DDoS

C. DoS

D. Cross-site request forgery

In which one of the following attacks against Bluetooth technology is the attacker able to steal information from the device?

A. Blueballing

B. Bluejacking

C. Bluesnarfing

D. Bluefeeding

What is the most dangerous consequence that commonly occurs as the result of a buffer overflow attack?

A. Account enumeration

B. Denial of service

C. Information disclosure

D. Arbitrary command execution

Which one of the following would not be considered an OSINT tool?

A. Website perusal

B. WHOIS lookups

C. Google searches

D. Vulnerability scans

Which one of the following is not a likely consequence of system sprawl?

A. Improper input validation

B. Undocumented assets

C. Excess costs

D. Unsupported systems

Tonya is developing a web application and is embedding a session ID in the application that is exchanged with each network communication. What type of attack is Tonya most likely trying to prevent?

A. Man-in-the-middle

B. Replay

C. Buffer overflow

D. SQL injection

Carla found the following page on her web server. What type of attacker most likely waged this attack?

Figure 1.9

Note

The above question is included as an example of a security attack. The publisher does not endorse the political message conveyed by the image, nor wish to cause any offence.

A. Hacktivist

B. APT

C. Script kiddie

D. Organized crime

Which one of the following attackers is most likely to understand the design of an organization's business processes?

A. Script kiddie

B. APT

C. Insider

D. Hacktivist

Kevin is configuring a vulnerability scan of his network. He would like the scan to be a non-intrusive scan and is using the configuration settings shown here. Which setting should he modify?

Figure 1.10

A. Enable safe checks.

B. Stop scanning hosts that become unresponsive during the scan.

C. Scan IP addresses in a random order.

D. Slow down the scan when network congestion is detected.

Frank is responsible for administering his organization's domain names. He recently received a message from their registrar indicating that a transfer request was underway for one of their domains, but Frank was not aware of any request taking place. What type of attack may be occurring?

A. DNS spoofing

B. IP spoofing

C. Domain hijacking

D. ARP spoofing

Morgan is a web developer who's responsible for implementing an authentication system. She knows that she should store hashed versions of passwords rather than the passwords themselves but chooses to use unsalted passwords. What type of attack does this make the application more susceptible to?

A. Offline brute force attack

B. Online brute force attack

C. Rainbow table

D. Collision

Kelly detected an attack on her network where the attacker used aircrack-ng to create a wireless network bearing her company's SSID. The attacker then boosted the power of that access point so that it was the strongest signal in an executive office area, prompting executive devices to connect to it. What type of attack took place?

A. Bluesnarfing

B. Jamming

C. Evil twin

D. WPS

Which one of the following attributes is NOT a characteristic of APT attackers?

A. Patience

B. Large amounts of money

C. Sophisticated exploits

D. Brute force

Which one of the following security controls is most effective against zero-day attacks?

A. Vulnerability scans

B. Signature-based antivirus software

C. Application control

D. Intrusion prevention systems

Chris is investigating a security incident at his organization where an attacker entered the building wearing a company uniform and demanded that the receptionist provide him access to a network closet. He told the receptionist that he needed to access the closet immediately to prevent a major network disaster. Which one of the following principles of social engineering did the attacker NOT exploit?

A. Consensus

B. Authority

C. Intimidation

D. Urgency

Ann works for an organization that recently opted to discontinue the support service on their network devices to control costs. They realized that it would be less expensive to replace devices when they fail than to use the costly replacement plan that was included in their support contract. What should be Ann's primary concern from a security perspective?

A. Time required to replace a failed device

B. Cost of replacing devices

C. Lack of access to vendor patches

D. Lack of access to vendor support personnel

Which one of the following controls would be LEAST effective against a privilege escalation attack?

A. HIPS

B. Patching

C. Data Execution Prevention

D. Firewall rule

Warren is conducting a penetration test and has gained access to a critical file server containing sensitive information. He is now installing a rootkit on that server. What phase of the penetration test is Warren conducting?

A. Active reconnaissance

B. Persistence

C. Escalation of privilege

D. Pivot

Which one of the following security vulnerabilities is NOT a common result of improper input handling?

A. DDoS

B. SQL injection

C. Cross-site scripting

D. Buffer overflow

What type of access must an attacker have to successfully carry out an ARP poisoning attack against a target?

A. Access to the target's LAN

B. Administrative access on the target's system

C. Normal user access on the target's system

D. Access to the target's network firewall

Which one of the following cryptographic attacks may be used to find collisions in a hash function?

A. Birthday attack

B. Meet-in-the-middle attack

C. Man-in-the-middle attack

D. Chosen plaintext attack

Bob is charged with protecting the service shown here from an attack being waged by Mal. What control would best protect against this threat?

Figure 1.11

A. Adding TLS encryption

B. Changing the hash algorithm

C. Changing Alice's password

D. Using a shadow password file

After running a vulnerability scan, Charlie identified 10 Windows XP systems running on the network. Those systems support critical business hardware that is over 10 years old and it is not possible to replace the hardware. What is the primary issue that Charlie needs to address?

A. Obsolete operating system

B. Incorrectly configured firewall

C. Outdated hardware

D. User security awareness

Patty is approached by an end user who is trying to visit a banking website and sees the following error message. What type of attack is most likely taking place?

Figure 1.12

A. Social engineering

B. This is a routine error and no attack is likely

C. Man-in-the-middle

D. Certificate pinning

During a security review, Terry identified a system that is using the RC4 cipher with a 40-bit key to protect communications between systems using the Remote Desktop Protocol. Which one of the following findings would be appropriate for Terry to include in his report on the risk of this service?

A. There is not enough information to reach a conclusion.

B. The key length is too short and should be increased to 1,024 bits.

C. RC4 is an insecure cipher and should not be used.

D. The system is using a secure cipher with an appropriate key length.

Joan is trying to break a cryptographic algorithm where she has the encryption key but does not have the decryption key. She is generating a series of encrypted messages and using them in her cryptanalysis. Which term best describes Joan's attack?

A. Known plaintext

B. Chosen plaintext

C. Chosen ciphertext

D. Known ciphertext

Kristen is investigating wireless signal interference in her building and suspects that jamming might be taking place. Which one of the following actions can help her rule out the intentional jamming of her wireless signal?

A. Moving antenna locations

B. Changing the Wi-Fi channel

C. Changing power levels

D. Testing a variety of devices

While investigating a security incident, Ryan discovers that the attacker entered the information shown here in the login box for a web application. What type of attack was likely taking place?

Figure 1.13

A. LDAP injection

B. Blind SQL injection

C. SQL injection

D. Cross-site scripting

Melanie is designing an authentication scheme for a web application and wishes to protect the site against session hijacking attacks. She would like to ensure that cookies containing session credentials are only sent via encrypted connections. What attribute should she set on cookies that are used for session identification?

A. Expire

B. HttpOnly

C. SameSite

D. Secure

Ken is conducting a penetration test of one of his organization's clients. He gains access to a web server located in the DMZ using a buffer overflow attack and is now attempting to gain access to systems on the internal network. What stage of the attack has Ken reached?

A. Reconnaissance

B. Pivot

C. Persistence

D. Escalation of privilege

Rob is troubleshooting a production application in his organization. He discovers that after the application has been running for about a week, it begins producing repeated errors. When he reboots the system, it works fine for another week, until the errors start recurring. What is the most likely cause of this issue?

A. Insider attack

B. Logic bomb

C. Buffer overflow

D. Memory leak

Vince runs the MD5 hash function against three files on his system. He knows that each of the three files contains log entries from different days. What has occurred?

Figure 1.14

A. Use of a secure hash function

B. Decryption

C. Collision

D. Syntax error

After running an Nmap scan of a new web server being commissioned on her network, Karen discovered the results shown here. Which port should Karen prioritize for investigation and remediation?

Figure 1.15

A. 443

B. 22

C. 80

D. 23

The POODLE attack rendered the SSL protocol insecure and prompted many websites to replace SSL with TLS. What type of attack is POODLE?

A. Disassociation

B. Downgrade

C. Bluesnarfing

D. Evil twin

Vince is investigating the compromise of a user's account credentials. The user reports that, in addition to her corporate account, the passwords to many of her online banking and bill payment accounts were also compromised. Vince examines her computer and determines that there is an unusual piece of hardware connected between the keyboard and the computer. What type of attack has most likely taken place?

A. Bot

B. Spyware

C. Keylogger

D. Adware

Larry is evaluating a dynamic web application that uses a web server with a database back end, as shown in the following diagram. The web server is configured to connect to the database server with a database administrative account. Which one of the following statements is correct about this configuration?

Figure 1.16

A. The web server should use an OS administrator account to connect to the database.

B. The web server should use a limited privilege account to connect to the database.

C. This configuration is reasonable.

D. The web server should not connect directly to the database server.

Which one of the following attacks allows the theft of information from a mobile device over a wireless connection that directly connects the attacker to the device?

A. Bluejacking

B. Evil twin

C. Bluesnarfing

D. Session hijacking

In a recent social engineering attack, the attacker found an employee of the target company at his gym and struck up a friendship there for several months before trying to slowly extract sensitive corporate information from the employee. What principle of social engineering is the attacker trying to exploit?

A. Consensus

B. Authority

C. Urgency

D. Familiarity

During a penetration test, the testers sent the following email to a clerk in an organization's Accounts Payable department. What type of attack took place?

Figure 1.17

A. Spear phishing

B. Whaling

C. Vishing

D. Smishing

Which one of the following device types is most susceptible to a pass-the-hash attack?

A. VPN concentrator

B. Network firewall

C. Windows server

D. Hardware security module

Vince is concerned about the execution of SQL injection attacks against the database supporting his organization's e-commerce website. Which one of the following controls would NOT be an effective defense against these attacks?

A. Parameterized queries

B. WAF

C. Indexing

D. Stored procedures

Norm is concerned that his organization may be the target of a theft of trade secrets by a competitor working with an insider to steal sensitive files. What security control would be the most helpful in detecting attempts to remove that sensitive information from the organization?

A. IPS

B. DLP

C. Firewall

D. TLS

Elliott is frustrated by the number of false positive reports being returned by his vulnerability scans. Which one of the following actions is MOST likely to reduce the number of false positive reports?

A. Implement credentialed scanning

B. Decrease the scan's sensitivity

C. Disable safe checks

D. Increase the size of the target network

During a recent security investigation, Cam discovered the device shown here sewn into a briefcase belonging to a senior executive. What type of transmission was most likely used to communicate with this device?

Figure 1.18

A. Cellular

B. Bluetooth

C. Wi-Fi

D. RFID

Dave discovers that a piece of malware running on a system has been loading the feeds of strange Twitter accounts that contain tweets similar to the one shown here. What type of malware likely exists on this system?

Figure 1.19

A. Trojan horse

B. Virus

C. Worm

D. Botnet

Rick would like to use vulnerability scanning results as part of a penetration test he is undertaking. The penetration test is scoped as a black box test. Which one of the following scan reports would be the most useful and appropriate for Rick to obtain from management before conducting the test?

A. Internal scan report

B. External scan report

C. Credentialed scan report

D. Agent-based scan report

After running a vulnerability scan, Carl detects a missing patch on a Windows server. When he investigates the server, he determines that the patch is actually applied. What condition has occurred?

A. True positive

B. False negative

C. False positive

D. True negative

After conducting a vulnerability scan, Kaiden discovers the vulnerability shown here on several of his organization's web servers. What is the most likely direct impact of these vulnerabilities?

Figure 1.20

A. An attacker can disrupt access to the web server.

B. An attacker can obtain information about the inner functioning of the web application.

C. An attacker can steal information from the database supporting this application.

D. An attacker can gain administrative access to the web server.

Carla noticed unusual spikes in network activity and, upon further investigation, determined that there is an unusually high number of outbound DNS query responses. She also noticed that the query responses are significantly larger than the queries themselves. What type of attack should Carla suspect?

A. Cross-site scripting

B. Amplification

C. DNS poisoning

D. Pass-the-hash

Shortly after Trish's organization fired a software developer, code on a server activated that determined that the developer was no longer employed and deleted the source code from her projects. What type of attack did Trish's organization experience?

A. Logic bomb

B. Trojan horse

C. Worm

D. RAT

Dawn is conducting the reconnaissance phase of a penetration test and would like to identify the registered owner of a domain name. Which one of the following tools would be the most likely to provide her with this information?

A. Whois

B. Nslookup

C. Dig

D. Ping

Which one of the following controls is the most effective way to protect against security-related architectural and design weaknesses?

A. Deploying intrusion prevention systems

B. Carefully maintaining network firewall rules

C. Implementing employee background checks

D. Including security team members in the project management process

Barry is the administrator of a message board that's used by his organization's clients to communicate with each other. One client posted a message on the board that contained script code that caused the browsers of other users to carry out malicious actions when they viewed the message. What type of attack took place?

A. XSRF

B. Reflected XSS

C. DOM XSS

D. Stored XSS

Mal is an attacker associated with an advanced persistent threat (APT) organization. Her team recently discovered a new security vulnerability in a major operating system and has not informed anyone of this vulnerability. What type of attack is Mal's organization in a position to wage?

A. SQL injection

B. Zero-day

C. Man-in-the-browser

D. Spoofing

Which one of the following technologies would be the most useful in preventing man-in-the-middle attacks?

A. TLS

B. SSL

C. Digital certificates

D. Input validation

Harold is examining the web server's logs after detecting unusual activity on the system. He finds the log excerpt shown here. What type of attack did someone attempt against this system based upon the data shown in these logs?

Figure 1.21

A. Cross-site scripting

B. Domain hijacking

C. SQL injection

D. Directory traversal

Which one of the following attacks exploits a race condition in a software implementation?

A. Integer overflow

B. Buffer overflow

C. SQL injection

D. TOC/TOU

Which one of the following devices is capable of carrying out a rogue AP attack against a Wi-Fi network with minimal configuration?

A. Switch

B. Router

C. Orange

D. Pineapple

Carla's firm is preparing to deploy a large network of Internet of Things sensors. Which one of the following is the least common security concern with IoT deployments?

A. Data encryption

B. Patches to embedded operating systems

C. Network segmentation

D. Multifactor authentication

Hank ran a vulnerability scan of one of his organization's web servers and found the two vulnerabilities shown here. What is the most expedient way for Hank to correct this issue?

Figure 1.22

A. Modify the ciphers used by SSL/TLS

B. Upgrade to SSL 3.0

C. Upgrade to TLS 1.2

D. Replace the digital certificate

Mal is engaging in an IP spoofing attack against a target organization over the internet. Which one of the following limitations does the attack have if Mal has complete control of her own network?

A. Mal will not be able to receive responses to requests.

B. Mal will not be able to send packets onto the internet with spoofed addresses.

C. Mal will not be able to insert a spoofed IP address into her network traffic.

D. Mal will not be able to conduct a denial of service attack.

Nate is the first person to arrive in the office one morning and he discovers that a piece of malware is spreading from system to system on his network, exploiting the MS08-067 vulnerability in Microsoft Windows. What term best describes this malware?

A. Virus

B. Trojan horse

C. Worm

D. Logic bomb

Noah is a cybersecurity analyst for a mid-sized business. He is working with the user of a machine that is exhibiting suspicious behavior. The anomalous activity began immediately after the user downloaded and installed software from the internet and Noah suspects that it contained malware. What term best describes the malware in this situation?

A. Trojan horse

B. Virus

C. Worm

D. Logic bomb

Domain 1 Answers and Explanations

D. Most automated attacks assume that a Windows system still contains a default account named Administrator and try to exploit that account. Changing the name makes it less likely that these attacks will stumble upon the account.

D. In a domain hijacking attack, the attacker changes the registration of a domain with the registrar. DNS and ARP poisoning attacks may redirect web traffic, but they would do so by providing bogus address information, not by hijacking the domain. Network eavesdropping could theoretically be used to steal credentials that are used to alter information with a registrar, but this is unlikely. The most likely source of a domain hijacking attack is using social engineering with the registrar to gain access to the account being used to manage registration information.

A. Cross-site scripting relies upon embedding HTML tags in stored or reflected input. The < and > characters are used to denote HTML tags and should be carefully managed when seen in user input.

B. The fact that the legitimate server responds to requests made by an IP address indicates that the attacker is not performing IP spoofing or ARP spoofing. There is no indication that the URL is incorrect, so Darren can rule out typosquatting. The most likely attack in this scenario is DNS poisoning. Darren can verify this by manually changing the system to a different DNS server, clearing the system's DNS cache, and attempting to resolve the name again.

B. Pixie Dust attacks are a specialized attack that's used to retrieve the Wi-Fi Protected Setup (WPS) PIN code for a network. Pixie Dust attacks will not work if WPS is not enabled on the network.

A. The two major categories of attack against device drivers are shimming and refactoring. In a shimming attack, the attacker wraps his or her own malicious code around the legitimate driver. Shimming attacks do not require access to the driver's source code. In a refactoring attack, such as this one, the attacker actually modifies the original driver's source code.

D. Discovery scans are designed to identify systems on the network and can be used to detect undocumented assets that are the result of system sprawl.

D. The Data Encryption Standard (DES) is an outdated, insecure algorithm that should not be used in modern applications. Triple DES (3DES) is a secure alternative that uses three rounds of DES encryption. The Advanced Encryption Standard (AES) and Elliptic Curve Cryptosystem (ECC) are also modern, secure cipher suites.

A. Social engineering is an active technique because it involves interaction with the target organization. Attackers may conduct open source intelligence gathering, including domain name searches, using only external resources that will not alert the target organization. Wireless network eavesdropping may also be conducted from a location outside of the organization's facilities without alerting the organization to their presence or interacting with target systems.

B. This is an example of a watering hole attack. These attacks place malicious code on a website frequented by members of the target audience. There is not sufficient information to determine whether the malicious code was spyware or a Trojan horse, or whether it delivered a denial of service payload.

C. The social engineer is using the Microsoft header in an attempt to exploit the trust that the recipient has for Microsoft. This attack also exploits the principles of authority, familiarity, and urgency. There is no note of scarcity or consensus in the message. The attacker is indeed trying to intimidate the recipient, but the intimidation is contained within the virus hoax message, not the Microsoft header.

C. The root cause of this issue is that FTP is an insecure protocol and Kristen can resolve this problem by replacing it with a secure alternative, such as SFTP. Requiring strong passwords or multifactor authentication would not resolve this problem as an attacker could still eavesdrop on those connections and obtain user passwords. Discontinuing the file transfer service would resolve the vulnerability, but it is not a good solution because it would unnecessarily disrupt whatever business processes take place on this server.

B. Social engineering attacks depend on user error, and training can dramatically reduce the success rate of these attacks. Buffer overflow attacks, denial of service attacks, and ARP poisoning attacks are not generally preventable by end users and, therefore, training the sales team would not be an effective defense against them.

A. A memory leak is a software flaw and, since this is an internally developed application, the developer is the person who's the most likely to be able to correct it. If the issue were in a commercially purchased application, a system administrator may be able to correct the issue by applying a patch, but that is not the case in this scenario.

B. This is a clear example of a distributed denial of service (DDoS) attack. The system is flooding the target with connection requests, hoping to overwhelm it. The port and IP address are not changing, so this is not indicative of a scanning attack. There is no indication that the connection is completed, so it cannot be a SQL injection attack.

C. All of the controls mentioned in this question would improve the security of this scenario. However, the best way to handle sensitive information is to not retain it in the first place. It is unlikely that there is a valid business reason for storing copies of records containing customer credit card information. Therefore, the most appropriate solution would be to modify the business process to avoid this inappropriate data retention.

A. DNS poisoning works by injecting false information into a user's local DNS servers. Adding redundant or off-site DNS servers would not reduce the likelihood of a successful attack. Blocking DNS traffic with firewall rules would disrupt the service for legitimate users. The DNSSEC protocol adds a verification layer to ensure that DNS updates come from trusted sources, reducing the likelihood of a successful DNS poisoning attack.

B. This is an example of a SQL injection attack because the attacker is inserting his or her own commands into a SQL database query. This particular example is slowing down responses when the answer is correct to ferret out the characters of a password, one by one. That is an example of a timing-based SQL injection attack.

A. All of the possible answers have the effect of blocking some DNS requests. The most effective technique to prevent DNS amplification is to disable open resolution so that external users may not make arbitrary recursive requests against the server. Blocking internal requests would have no effect on the attack. Blocking all external requests or blocking port 53 at the firewall would prevent all external requests, preventing the server from fulfilling its purpose as a public DNS server.

A. DNS amplification is a denial of service technique that sends small queries with spoofed source addresses to DNS servers, generating much larger, amplified responses back to the spoofed address. The purpose is to consume all of the bandwidth available to the target system, resulting in a resource exhaustion denial of service attack.

A. This attack is a DLL injection attack. In a DLL injection, the attacker forces an existing process to load a dynamically linked library that contains unauthorized code.

C. Advanced persistent threats (APTs) are characterized by a high level of sophistication and significant financial and technical resources. Other attackers, including script kiddies, criminals, and hacktivists, are not likely to have anywhere near the same sophistication as an APT attacker (such as a national government).

D. In a black box attack, the attacker does not have access to any information about the target environment before beginning the attack. In a grey box attack, the attacker has limited information. In a white box attack, the attacker has full knowledge of the target environment before beginning the attack.

A. In a man-in-the-browser attack, the attacker manages to gain a foothold inside the user's browser, normally by exploiting a browser extension. This gives him or her access to all of the information that's accessed with the browser, regardless of whether the site uses strong authentication or transport encryption (such as TLS). Certificate pinning is a technique that's used to protect against inauthentic digital certificates and would not protect against a man-in-the-browser attack.

D. A web application firewall (WAF), if present, would likely block SQL injection attack attempts, making SQL injection vulnerabilities invisible to a vulnerability scanner. A data loss prevention system (DLP) does not protect against web application vulnerabilities such as SQL injection. An intrusion detection system (IDS) might identify a SQL injection exploit attempt, but it is not able to block the attack. Transport layer security (TLS) encrypts web content but encryption would not prevent an attacker from engaging in SQL injection attacks.

B. The key to this question is focusing on the encryption algorithms used by each option. Three of the four options use AES 256-bit encryption, which provides strong cryptography. One uses RC4 encryption, which is a weak implementation of cryptography and should be avoided.

B. The use of self-signed certificates is not, by itself, cause for alarm. It is acceptable to use self-signed certificates for internal use. Val should conduct a risk assessment to identify whether this use is appropriate and replace any certificates used by external users.

A. The MX record identifies the mail server for a domain. A records are used to identify domain names associated with IP addresses, while CNAMES are used to create aliases. Start of Authority (SOA) records contain information about the authoritative servers for a DNS zone.

A. These vulnerabilities both relate to the encryption of the service running on port 3389, which is used by the Remote Desktop Protocol (RDP). Upgrading this encryption should resolve these vulnerabilities. There is no indication that an HTTPS service is running on this device. Disabling the network port would disrupt the service. Gina should take action because this is an easily corrected vulnerability.

D. This is most likely a straightforward phishing attack. The message is generic and not targeted at a specific user, as you would find in a spear phishing attack. Although the user is an executive, there is no indication that the message was specifically sent to this user because of his status as an executive, so it is not likely to be a whaling attack. The attack was sent over email, not the telephone, so it is not an example of vishing.

C. If Dan's organization used a security information and event management (SIEM) solution, Dan would not need to gather information from this wide variety of sources. Instead, the SIEM would collect and correlate this information, providing Dan with a single place to review correlated data.

D. Address space layout randomization (ASLR) is a security technique that randomizes the location of objects in memory, making a buffer overflow attack less likely to succeed. Virtual private networks (VPN) provide transport encryption and data loss prevention (DLP) systems provide protection against data exfiltration. Neither would be effective against buffer overflow attacks. Intrusion detection systems (IDS) may identify a buffer overflow attack but would not prevent it from succeeding.

A. The message shown in the capture is a deauthentication message. These messages are often used in disassociation attacks, where the attacker attempts to force the disconnection of a client from a legitimate access point. IV attacks use cryptanalysis on the initialization vectors (IVs) that are used in establishing a Wi-Fi session. Replay attacks attempt to reuse credentials captured during a legitimate session to establish unauthorized wireless connections. Bluesnarfing attacks leverage Bluetooth technology, which is not in use in this scenario.

B. Phishing is a form of social engineering, and its effectiveness depends upon the susceptibility of users to this type of attack. While some technical controls, such as email content filtering, may be useful against phishing attacks, the most effective defense is user awareness training.

B. In a MAC spoofing attack, the local switch is normally fooled into believing the spoofed address and will route reply traffic back to the device spoofing an address. IP spoofing and email spoofing work at the application layer and, in most cases, the attacker will not receive any responses to spoofed messages. RFID spoofing is not a common type of attack.

D. Disassociation attacks intentionally disconnect a wireless user from their access point to force a reauthentication that the attacker may collect with a wireless eavesdropping tool. Brute force attacks, rainbow table attacks, and replay attacks do not gather network traffic and, therefore, would not be useful in this scenario.

C. Joe is a script kiddie because he does not leverage his own knowledge but merely applies tools written by others. Advanced persistent threats or elite hackers (31337 h4x0r) use sophisticated, customized tools. Joe is not a penetration tester because he does not have authorization to perform the scans.

D. Nmap, Nessus, and Metasploit are all active reconnaissance tools that interact with their target environments. Aircrack-ng may be used to passively gather information about a wireless network and crack a pre-shared key.

B. Jake may safely share the CRT file, which contains a copy of the organization's public X.509 certificate. The KEY and PEM files contain copies of the organization's private keys, which must be kept secret and secure. The CSR file is a certificate signing request, which is sent to the CA when requesting a signed digital certificate. There is no need to share this file publicly.

B. Rootkits are specialized attack tools that allow an attacker to escalate privileges. They exploit system vulnerabilities to leverage a normal user account to gain administrative privileges on the system.