Domain 2, Quiz 2 Flashcards
Which of the following is a vulnerability related to web-based applications where malicious scripts are injected into trusted websites?
a. Malicious update
b. Virtual machine (VM) escape
c. Cross-site scripting (XSS)
d. Firmware vulnerability
Cross-site scripting (XSS)
XSS is a web-based vulnerability where malicious scripts are injected into trusted websites and executed in a user’s browser.
A mobile device vulnerability allowing unofficial apps to be installed outside the official app store is known as:
a. Firmware vulnerability
b. VM escape
c. Sideloading
d. Jailbreaking
Sideloading
Sideloading is the process of installing apps on a mobile device without using the official app store.
A company discovered that an attacker used multiple compromised systems to flood their website’s server with traffic. This is an example of:
a. Virus attack
b. Logic bomb
c. Distributed denial-of-service (DDoS) attack
d. Trojan attack
Distributed denial-of-service (DDoS) attack
A DDoS attack uses multiple compromised systems to flood a target system with traffic, causing service interruptions.
Which of the following indicates a password attack where multiple password attempts are made using various usernames?
a. Brute force
b. Collision
c. Spraying
d. Buffer overflow
Spraying
Spraying attacks try a few commonly used passwords against many usernames to avoid account lockouts.
Indicators of malicious activity might include all of the following EXCEPT:
a. Blocked content
b. Patching frequency
c. Concurrent session usage
d. Impossible travel
Patching frequency
Patching frequency is a maintenance task, not necessarily an indicator of malicious activity.
To prevent unauthorized devices from accessing certain parts of the network, an administrator should implement:
a. Patching
b. Monitoring
c. Segmentation
d. Decommissioning
Segmentation
Segmentation divides a network into different segments, often using firewalls, to control access and improve security.
Which mitigation technique specifically involves creating a list of approved software that is allowed to run on a system?
a. Configuration enforcement
b. Hardening techniques
c. Application allow list
d. Least privilege
Application allow list
An application allow list involves creating a list of approved software permitted to run on a system.
After obtaining a new router, a network administrator should ensure that ____ to enhance its security.
a. All unnecessary software is installed
b. It is placed in a demilitarized zone (DMZ)
c. All ports are open
d. The default password is changed
The default password is changed
Changing the default password is crucial because attackers often know manufacturers’ default credentials.
Malware that hides its presence by taking control of OS processes at a deep level is known as:
a. Spyware
b. Logic bomb
c. Rootkit
d. Worm
Rootkit
Rootkits take control at the OS level, often hiding their existence and activities.
Which of the following describes a vulnerability in an application where two processes access a shared resource concurrently, resulting in undesirable outcomes?
a. Race conditions
b. Structured Query Language injection (SQLi)
c. Firmware vulnerability
d. Malicious update
Race conditions
Race conditions occur when two processes access a shared resource concurrently, leading to unpredictable outcomes.
A newly discovered vulnerability that does not yet have a patch available is known as a:
a. Zero-day
b. Legacy vulnerability
c. Malicious update
d. Firmware vulnerability
Zero-day
Zero-day vulnerabilities are newly discovered vulnerabilities that do not yet have a patch available.
If an attacker tries to create a cryptographic hash collision, they are attempting to:
a. Exploit a vulnerability in a cipher’s key generation
b. Execute a downgrade attack on a secured communication
c. Decrypt ciphertext without the key
d. Find two different inputs that produce the same hash output
Find two different inputs that produce the same hash output
A collision attack attempts to find two distinct data sets that produce the same hash.
Which mitigation technique involves ensuring that a user or process can only access resources essential for their legitimate purposes?
a. Segmentation
b. Hardening techniques
c. Patching
d. Least privilege
Least privilege
The principle of least privilege ensures users or processes have only the permissions they need to perform their tasks.
Which of the following is an attack where the attacker tries to determine or guess the password of a system by trying all possible combinations?
a. Collision
b. Replay attack
c. Brute force
d. Spraying
Brute force
A brute force attack involves trying all possible combinations to guess a password.
To ensure that only specific IP addresses can access a certain network resource, an administrator should implement:
a. Hardening techniques
b. Encryption
c. Access control list (ACL)
d. Monitoring
Access control list (ACL)
An ACL specifies which users or IP addresses can access resources.