501-550 Flashcards Preview

Security + 401 > 501-550 > Flashcards

Flashcards in 501-550 Deck (50)
1
Q

The Chief Information Officer (CIO) receives an anonymous threatening message that says “beware of the 1st of the year”. The CIO suspects the message may be from a former disgruntled employee planning an attack.

Which of the following should the CIO be concerned with?

A

C.

Logic bomb

2
Q

Ann, a software developer, has installed some code to reactivate her account one week after her account has been disabled.

Which of the following is this an example of? (Choose two.)

A

B.
Logic Bomb

D.
Backdoor

3
Q

Which of the following malware types is MOST likely to execute its payload after Jane, an employee, has left the company?

A

B.

Logic bomb

4
Q

Pete, a security analyst, has been tasked with explaining the different types of malware to his colleagues. The two malware types that the group seems to be most interested in are botnets and viruses.

Which of the following explains the difference between these two types of malware?

A

B.

Botnets are a subset of malware which are used as part of DDoS attacks.

5
Q

A user, Ann, is reporting to the company IT support group that her workstation screen is blank other than a window with a message requesting payment or else her hard drive will be formatted.

Which of the following types of malware is on Ann’s workstation?

A

D.

Ransomware

6
Q

Which of the following describes a type of malware which is difficult to reverse engineer in a virtual lab?

A

A.

Armored virus

7
Q

SEE QUESTION 507

A
Spear phishing
Hoax
Vishing
Phishing 
Pharming
8
Q

SEE QUESTION 508

A
A. Phishing. 
B. Whaling. 
C. Vishing. 
D. Spim.
E. Social engineering.
9
Q

A server with the IP address of 10.10.2.4 has been having intermittent connection issues. The logs show repeated connection attempts from the following IPs:

  1. 10.3.16
  2. 10.3.23
  3. 178.24.26
  4. 24.94.83

These attempts are overloading the server to the point that it cannot respond to traffic.

Which of the following attacks is occurring?

A

B.

DDoS

10
Q

A distributed denial of service attack can BEST be described as:

A

C.

Multiple computers attacking a single target in an organized attempt to deplete its resources.

11
Q

An administrator notices an unusual spike in network traffic from many sources. The administrator suspects that:

A

B.

it is the beginning of a DDoS attack.

12
Q

A security technician at a small business is worried about the Layer 2 switches in the network suffering from a DoS style attack caused by staff incorrectly cabling network connections between switches.
Which of the following will BEST mitigate the risk if implemented on the switches?

A

A.

Spanning tree

13
Q

An administrator is assigned to monitor servers in a data center. A web server connected to the Internet suddenly experiences a large spike in CPU activity.

Which of the following is the MOST likely cause?

A

D.

DoS

14
Q

Which of the following attacks could be used to initiate a subsequent man-in-the-middle attack?

A

C.

Replay

15
Q

A network analyst received a number of reports that impersonation was taking place on the network.

Session tokens were deployed to mitigate this issue and defend against the following attacks:

A

A.

Replay

16
Q

Timestamps and sequence numbers act as countermeasures against which of the following types of attacks?

A

D.

Replay

17
Q

SEE QUESTION 517

Which of the following BEST describes the type of attack that is occurring?

A

A.

Smurf Attack

18
Q

Which of the following will help prevent smurf attacks?

A

B.

Disabling directed broadcast on border routers

19
Q

Which of the following wireless security measures can an attacker defeat by spoofing certain properties of their network interface card?

A

B.

MAC filtering

20
Q

SEE QUESTION 520

Which of the following BEST describes the type of attack that is occurring? (Choose two.)

A

A.
DNS spoofing

E.
ARP attack

21
Q

Mike, a user, states that he is receiving several unwanted emails about home loans.

Which of the following is this an example of?

A

D.

Spam

22
Q

Several users’ computers are no longer responding normally and are sending out spam email to the users’ entire contact list.

Which of the following is this an example of?

A

C.

Worm outbreak

23
Q

A security administrator notices large amounts of traffic within the network heading out to an external website. The website seems to be a fake bank site with a phone number that when called, asks for sensitive information. After further investigation, the security administrator notices that a fake link was sent to several users.

Which of the following attacks is this an example of?

A

B.

Phishing

24
Q

Jane, an individual, has recently been calling various financial offices pretending to be another person to gain financial information.

Which of the following attacks is being described?

A

D.

Vishing

25
Q

Purchasing receives an automated phone call from a bank asking to input and verify credit card information. The phone number displayed on the caller ID matches the bank.

Which of the following attack types is this?

A

C.

Vishing

26
Q

A company’s employees were victims of a spear phishing campaign impersonating the CEO. The company would now like to implement a solution to improve the overall security posture by assuring their employees that email originated from the CEO.

Which of the following controls could they implement to BEST meet this goal?

A

B.

Digital signatures

27
Q

A user has unknowingly gone to a fraudulent site. The security analyst notices the following system change on the user’s host:

Old hosts file:
127.0.0.1 localhost

New hosts file:
127.0.0.1 localhost
5.5.5.5 www.comptia.com

Which of the following attacks has taken place?

A

B.

Pharming

28
Q

Users at a company report that a popular news website keeps taking them to a web page with derogatory content.

Which of the following is this an example of?

A

B.

DNS poisoning

29
Q

Which of the following is described as an attack against an application using a malicious file?

A

A.

Client side attack

30
Q

Which of the following would BEST deter an attacker trying to brute force 4-digit PIN numbers to access an account at a bank teller machine?

A

C.

Account lockout settings

31
Q

Which of the following can be used by a security administrator to successfully recover a user’s forgotten password on a password protected file?

A

C.

Brute force

32
Q

A security administrator must implement all requirements in the following corporate policy: Passwords shall be protected against offline password brute force attacks. Passwords shall be protected against online password brute force attacks.

Which of the following technical controls must be implemented to enforce the corporate policy? (Choose three.)

A

A.
Account lockout

D.
Password complexity

F.
Minimum password length

33
Q

A recent spike in virus detections has been attributed to end-users visiting www.compnay.com. The business has an established relationship with an organization using the URL of www.company.com but not with the site that has been causing the infections.

Which of the following would BEST describe this type of attack?

A

A.

Typo squatting

34
Q

Using proximity card readers instead of the traditional key punch doors would help to mitigate:

A

D.

Shoulder surfing

35
Q

Ann, an employee, is visiting Joe, an employee in the Human Resources Department. While talking to Joe, Ann notices a spreadsheet open on Joe’s computer that lists the salaries of all employees in her department.

Which of the following forms of social engineering would BEST describe this situation?

A

D.

Shoulder surfing

36
Q

An investigator recently discovered that an attacker placed a remotely accessible CCTV camera in a public area overlooking several Automatic Teller Machines (ATMs). It is also believed that user accounts belonging to ATM operators may have been compromised.

Which of the following attacks has MOST likely taken place?

A

A.

Shoulder surfing

37
Q

All executive officers have changed their monitor location so it cannot be easily viewed when passing by their offices.

Which of the following attacks does this action remediate?

A

C.

Shoulder Surfing

38
Q

Ann, an employee, is cleaning out her desk and disposes of paperwork containing confidential customer information in a recycle bin without shredding it first.

This is MOST likely to increase the risk of loss from which of the following attacks?

A

B.

Dumpster diving

39
Q

Several bins are located throughout a building for secure disposal of sensitive information.

Which of the following does this prevent?

A

A.

Dumpster diving

40
Q

Physical documents must be incinerated after a set retention period is reached.

Which of the following attacks does this action remediate?

A

B.

Dumpster Diving

41
Q

At the outside break area, an employee, Ann, asked another employee to let her into the building because her badge is missing.

Which of the following does this describe?

A

B.

Tailgating

42
Q

Pete’s corporation has outsourced help desk services to a large provider. Management has published a procedure that requires all users, when receiving support, to call a special number.
Users then need to enter the code provided to them by the help desk technician prior to allowing the technician to work on their PC.

Which of the following does this procedure prevent?

A

B.

Impersonation

43
Q

Purchasing receives a phone call from a vendor asking for a payment over the phone. The phone number displayed on the caller ID matches the vendor’s number. When the purchasing agent asks to call the vendor back, they are given a different phone number with a different area code.

Which of the following attack types is this?

A

B.

Impersonation

44
Q

A database administrator receives a call on an outside telephone line from a person who states that they work for a well-known database vendor. The caller states there have been problems applying the newly released vulnerability patch for their database system, and asks what version is being used so that they can assist.

Which of the following is the BEST action for the administrator to take?

A

A.
Thank the caller, report the contact to the manager, and contact the vendor support line to verify any reported patch issues.

45
Q

A security administrator forgets their card to access the server room. The administrator asks a coworker if they could use their card for the day.

Which of the following is the administrator using to gain access to the server room?

A

C.

Impersonation

46
Q

Sara, an attacker, is recording a person typing in their ID number into a keypad to gain access to the building. Sara then calls the helpdesk and informs them that their PIN no longer works and would like to change it.

Which of the following attacks occurred LAST?

A

C.

Impersonation

47
Q

Which of the following is characterized by an attacker attempting to map out an organization’s staff hierarchy in order to send targeted emails?

A

A.

Whaling

48
Q

Which of the following attacks targets high level executives to gain company information?

A

B.

Whaling

49
Q

Users are encouraged to click on a link in an email to obtain exclusive access to the newest version of a popular Smartphone. This is an example of:

A

A.

Scarcity

50
Q

A computer supply company is located in a building with three wireless networks. The system security team implemented a quarterly security scan and saw the following.

SSID              State      Channel  Level
Computer AreUs1   connected  1        70dbm
Computer AreUs2   connected  5        80dbm
Computer AreUs3   connected  3        75dbm
Computer AreUs4   connected  6        95dbm

Which of the following is this an example of?

A

A.

Rogue access point