Practice Exam 7 Flashcards

(25 cards)

1
Q

Exploiting known vulnerabilities is a common threat vector for:

A

Answer: Unsupported systems/apps

Important Information
Unsupported systems/apps no longer receive security patches or updates.

Attackers exploit known vulnerabilities in these outdated systems.

Common targets because they are easier to compromise.

Leads to unauthorized access, data breaches, or malware infections.

Quick Explanation
When systems or applications are unsupported, their security weaknesses remain unpatched, making them prime targets for attackers.

Why It Matters
Regular updates and patch management are critical to defend against these exploit-based attacks—a core Security+ principle.

2
Q

A solution that simplifies configuration of new wireless networks by allowing non-technical users to easily configure network security settings and add new devices to an existing network is called:

A

Answer: WPS (Wi-Fi Protected Setup)

Important Information
WPS simplifies wireless network setup.

Designed for non-technical users to easily configure security settings.

Allows quick addition of new devices to a Wi-Fi network.

Uses methods like PIN entry or push-button.

However, WPS has security vulnerabilities, especially with the PIN-based method.

Quick Explanation
WPS makes connecting devices to Wi-Fi easier but can expose networks to attacks if not managed carefully.

Why It Matters
Understanding WPS helps balance convenience and security when managing wireless networks—important for Security+.

3
Q

Which of the wireless technologies listed below are considered potential threat vectors and should be avoided due to their known vulnerabilities? (Select all that apply)

A

Answer: WPS, WPA, WPA2, and WEP

Important Information
WEP: Very weak, easily cracked — avoid using.

WPS: Has known vulnerabilities, especially the PIN method — use with caution or disable.

WPA: Better than WEP but now considered insecure and deprecated.

WPA2: Currently secure, widely used with strong encryption (AES), but some older implementations have vulnerabilities; still preferred over WEP and WPA.

WPA3 (not listed) is the most secure modern standard.

Quick Explanation
Avoid WEP and WPA due to weak encryption.

Disable WPS if possible due to security flaws.

Use WPA2 or WPA3 for better security.

Why It Matters
Choosing strong wireless security protocols prevents attackers from exploiting weak encryption and gaining unauthorized access.

4
Q

The term “Evil twin” refers to a rogue WAP set up for eavesdropping or stealing sensitive user data. An evil twin replaces the legitimate AP and, by advertising its own presence with the same Service Set Identifier (SSID, a.k.a. network name), appears as a legitimate AP to connecting hosts.

A

Answer: True

Important Information
Evil Twin = Rogue wireless access point (WAP).

Mimics legitimate AP by using the same SSID (network name).

Used to eavesdrop on users or steal sensitive data.

Traps victims into connecting to the fake AP instead of the real one.

Quick Explanation
Attackers set up Evil Twins to intercept communications by tricking users into connecting to fake Wi-Fi networks.

Why It Matters
Recognizing Evil Twin attacks helps protect wireless networks and user data—critical for Security+.

5
Q

Which of the following answers refers to a threat vector characteristic only to wired networks?

A

Answer: Cable tapping

Important Information
Cable tapping: Physical interception of data by tapping into network cables (Ethernet, fiber optic, etc.).

Only applies to wired networks.

Allows attackers to capture data traveling over the network without detection.

Requires physical access to the network cables.

Quick Explanation
Cable tapping is a wire-specific threat where attackers physically intercept data transmissions.

Why It Matters
Awareness helps in securing physical infrastructure and detecting unauthorized access—important for Security+.

6
Q

Examples of threat vectors related to Bluetooth communication include: bluesmacking (a type of DoS attack that targets Bluetooth devices by overwhelming them with excessive traffic), bluejacking (the practice of sending unsolicited messages or data to a Bluetooth-enabled device), bluesnarfing (gaining unauthorized access to a Bluetooth device and data theft), and bluebugging (gaining remote control over a Bluetooth device).

A

Answer: True

Important Information
Bluesmacking: DoS attack flooding Bluetooth devices with traffic.

Bluejacking: Sending unsolicited messages to Bluetooth devices.

Bluesnarfing: Unauthorized data access and theft via Bluetooth.

Bluebugging: Remote control takeover of a Bluetooth device.

Quick Explanation
Bluetooth attacks exploit wireless connections to disrupt, spy on, or control devices.

Why It Matters
Knowing these threats helps protect Bluetooth devices and prevent unauthorized access—vital for Security+.

7
Q

Which of the answers listed below refers to the most probable cause of an unauthorized access caused by the exploitation of a specific network entry point?

A

Answer: Open service ports

Important Information
Open service ports are network entry points listening for connections.

Attackers exploit these ports if they run vulnerable or unnecessary services.

Common ports targeted: FTP (21), SSH (22), Telnet (23), HTTP (80), etc.

Unsecured open ports increase risk of unauthorized access.

Quick Explanation
Open ports expose services that, if not secured properly, can be entry points for attackers.

Why It Matters
Regularly scanning and securing open ports reduces attack surfaces—critical for Security+.

8
Q

The importance of changing default usernames and passwords can be illustrated by the example of certain network devices (such as routers), which are often shipped with default and well-known admin credentials that can be looked up on the web.

A

Answer: True

Important Information
Many devices come with default usernames and passwords.

These credentials are publicly known and easily found online.

Leaving defaults unchanged allows attackers easy access.

Changing defaults is a simple but critical security step.

Quick Explanation
Default credentials are a common and easy attack vector; changing them protects devices from unauthorized access.

Why It Matters
Mitigating this basic risk is fundamental to securing network devices—a core Security+ practice.

9
Q

Which of the following would be the best solution for a company that needs IT services but lacks any IT personnel?

A

Answer: MSP (Managed Service Provider)

Important Information
MSP: A third-party company that provides IT services and management.

Ideal for organizations without in-house IT staff.

Offers services like network management, security, backups, and support.

Helps maintain IT infrastructure and handle cybersecurity.

Quick Explanation
An MSP takes over IT responsibilities, ensuring professional management and security without needing internal IT personnel.

Why It Matters
Using an MSP helps organizations maintain secure, reliable IT systems when internal expertise is unavailable—important for Security+.

10
Q

Which of the terms listed below refers to a third-party vendor offering IT security management services?

A

Answer: MSSP (Managed Security Service Provider)

Important Information
MSSP: A third-party vendor specializing in IT security management.

Provides services such as monitoring, threat detection, incident response, and vulnerability management.

Helps organizations strengthen their cybersecurity posture.

Often works alongside or as part of an MSP but focuses specifically on security.

Quick Explanation
MSSPs handle security operations for clients, offering expert protection and reducing internal workload.

Why It Matters
Outsourcing security to MSSPs improves threat response and defense capabilities—a key concept in Security+.

11
Q

Which of the following answers refer to common threat vectors that apply to MSPs, vendors, and suppliers in the supply chain? (Select 2 answers)

A

Answer: Propagation of malware and Social engineering techniques

Important Information
Propagation of malware: Malware can spread through third-party systems, infecting connected clients.

Social engineering techniques: Attackers exploit human trust to gain access via phishing, impersonation, etc.

MSPs, vendors, and suppliers can be weak links exploited to compromise organizations.

Quick Explanation
Third parties introduce risks through malware spread and human-targeted attacks, impacting overall supply chain security.

Why It Matters
Securing supply chains and third-party relationships is critical to prevent indirect attacks—vital for Security+.

12
Q

A social engineering technique whereby attackers, under the guise of a legitimate request, attempt to gain access to confidential information is commonly referred to as:

A

Answer: Phishing

Important Information
Phishing: Social engineering attack.

Attackers disguise themselves as legitimate sources.

Aim to trick victims into revealing confidential info (passwords, credit cards, etc.).

Often done via email, but can use phone calls or messages.

Quick Explanation
Phishing tricks users into giving away sensitive data by pretending to be trustworthy entities.

Why It Matters
Recognizing phishing helps prevent data breaches and unauthorized access—a core Security+ topic.

13
Q

Which social engineering attack relies on identity theft?

A

Answer: Impersonation

Important Information
Impersonation: Social engineering attack using identity theft.

Attacker pretends to be a trusted person or authority.

Goal: Gain unauthorized access or sensitive information.

Can occur in-person, over phone, or online.

Quick Explanation
By pretending to be someone else, attackers manipulate victims into trusting and revealing confidential info.

Why It Matters
Detecting impersonation is key to preventing social engineering breaches—essential for Security+.

14
Q

A BEC (Business Email Compromise) attack is an example of:

A

Answer: Phishing

Important Information
BEC attack: A specialized form of phishing.

Targets businesses via fraudulent emails.

Often involves impersonating executives or vendors.

Goal: Trick employees into transferring money or sensitive info.

Quick Explanation
BEC attacks use email scams to deceive businesses into financial or data loss.

Why It Matters
Understanding BEC helps prevent costly fraud—critical for Security+ exam prep.

15
Q

Which of the answers listed below refers to a social engineering technique where an attacker creates a false scenario or situation to deceive the victim into revealing sensitive information?

A

Answer: Pretexting

Important Information
Pretexting: Social engineering attack involving a fabricated scenario.

Attacker invents a believable story or role.

Goal: Gain trust and extract sensitive info.

Often used to bypass security or gather intelligence.

Quick Explanation
Pretexting tricks victims by creating a convincing but false situation to manipulate them.

Why It Matters
Recognizing pretexting helps defend against deception-based attacks—key for Security+.

16
Q

Which of the following terms refers to a platform used for watering hole attacks?

A

Answer: Websites

Important Information
Watering Hole Attack: Attackers compromise websites frequently visited by their target group.

The compromised websites serve as platforms to deliver malware or exploit vulnerabilities.

Targets unknowingly get infected when visiting these trusted sites.

Quick Explanation
Attackers infect popular websites to “ambush” specific victims, exploiting trust in these sites.

Why It Matters
Awareness helps in monitoring web traffic and protecting users from targeted attacks—important for Security+.

17
Q

The term “URL hijacking” (a.k.a. “Typosquatting”) refers to a deceptive practice involving the deliberate registration of domain names with misspellings or slight variations that closely resemble well-established and popular domain names. The primary goal of this strategy is to exploit the common typographical errors made by users while entering URLs into their web browser’s address bar. Beyond capturing inadvertent traffic, typosquatting may also be used for hosting phishing sites to trick users into divulging sensitive information, distributing malware through deceptive websites, generating ad revenue by redirecting mistyped traffic, or engaging in brand impersonation to harm the reputation of authentic brands or deceive users.

A

Answer: True

Important Information
URL hijacking (Typosquatting): Registering domain names with misspellings or slight variations.

Exploits common user typos when typing URLs.

Used to redirect users to phishing sites, malware, ads, or impersonate brands.

Can harm users and damage legitimate brands.

Quick Explanation
Attackers capitalize on user errors in URLs to trick or mislead them for malicious purposes.

Why It Matters
Recognizing typosquatting helps prevent phishing and brand damage—key for Security+ awareness.

18
Q

Which type of application attack relies on introducing external code into the address space of a running program?

A

Answer: Memory injection

Important Information
Memory Injection: An application attack where external code is inserted into a running program’s memory space.

Enables attackers to execute malicious code within the program.

Common methods include buffer overflow exploits and DLL injection.

Can lead to unauthorized control, data theft, or system compromise.

Quick Explanation
Attackers inject code into a program’s memory to hijack its execution and carry out malicious actions.

Why It Matters
Understanding memory injection is vital to protect software from deep system-level attacks—crucial for Security+.

19
Q

A collection of precompiled functions designed to be used by more than one Microsoft Windows application simultaneously to save system resources is known as:

A

Answer: DLL (Dynamic Link Library)

Important Information
DLL (Dynamic Link Library): A file containing precompiled code/functions shared by multiple Windows applications.

Promotes modular programming and code reuse.

Helps save system resources (memory/disk) by allowing multiple programs to use the same library simultaneously.

Commonly targeted in DLL injection attacks (used in memory injection).

Quick Explanation
DLLs are shared libraries in Windows that help apps run more efficiently by using common code.

Why It Matters
Understanding DLLs is key to recognizing vulnerabilities like DLL hijacking or injection—a major part of Security+ and real-world security.

20
Q

Which of the answers listed below refers to an application attack that relies on executing a library of code?

A

Answer: DLL (Dynamic Link Library) injection

Important Information
DLL Injection: An application attack where a malicious Dynamic Link Library (DLL) is injected into the address space of a running process.

Once injected, the code runs within the target process’s context.

Used to modify behavior, steal data, or execute arbitrary commands.

Common in Windows environments.

Quick Explanation
DLL injection tricks a program into loading malicious code as if it were part of its normal operations.

Why It Matters
It’s a powerful attack method that can be hard to detect and gives attackers deep control—knowing this helps with malware defense and software hardening on the Security+ exam.

21
Q

A type of exploit in which an application overwrites the contents of a memory area it should not have access to is called:

A

Answer: Buffer overflow

Important Information
Buffer Overflow: An exploit where a program writes more data to a memory buffer than it can hold, causing adjacent memory to be overwritten.

Can lead to crashes, data corruption, or arbitrary code execution.

Often used to inject malicious code into a program.

Common in C/C++ programs due to lack of built-in bounds checking.

Quick Explanation
A buffer overflow happens when data spills past its intended space in memory, potentially letting attackers hijack program execution.

Why It Matters
Buffer overflows are one of the most dangerous vulnerabilities—understanding them is essential for preventing system compromise, which is key to success on the Security+ exam.

22
Q

A malfunction in a preprogrammed sequential access to a shared resource is described as:

A

Answer: Race condition

Important Information
Race Condition: A timing-based vulnerability where two or more operations access a shared resource in an unexpected order.

Happens in multi-threaded or multi-process environments.

Attackers exploit it to gain unauthorized access, elevate privileges, or cause logic flaws.

Can affect files, variables, or system state.

Quick Explanation
A race condition occurs when the behavior of a system depends on the timing or sequence of events, and attackers exploit that window to interfere with the process.

Why It Matters
Race conditions can undermine critical system operations and lead to security breaches—understanding them helps prevent subtle but serious bugs in secure software design, a key Security+ concept.

23
Q

A type of vulnerability where the state of a resource is verified at one point in time but may change before the resource is actually used is referred to as:

A

Answer: TOC/TOU (Time of Check to Time of Use)

Important Information
TOC/TOU: A race condition where a resource is checked (TOC) for security or availability, but is then used (TOU) at a later time.

The resource’s state may change in between, leading to unexpected or unauthorized behavior.

Common in file systems, memory, and access control.

Attackers exploit the gap between check and use to switch or modify the resource.

Quick Explanation
TOC/TOU is like checking a file’s permissions and then opening it later—if the file is changed after the check but before the use, security assumptions may be invalidated.

Why It Matters
TOC/TOU flaws can allow privilege escalation, bypassing security checks, or data manipulation—a critical concept in secure programming and part of the Security+ exam’s focus on application and system vulnerabilities.

24
Q

A malicious application update is a type of malware that can be installed through a seemingly legitimate software update. The introduction of a malicious update into the application code can be enabled through various means, including:

A

Answer: All of the above | Here are the answers: Unsigned application code, Unencrypted update channel (HTTP vs HTTPS), Fake update website, Unauthorized access to update server, and Compromised software development process

Important Information
Malicious application update: Malware disguised as a legitimate software update.

Common enablers include:

Unsigned code – no digital signature to verify authenticity.

Unencrypted channels – using HTTP instead of HTTPS allows interception and modification.

Fake update websites – attackers mimic real vendors to trick users.

Unauthorized access to update servers – attackers upload malicious updates.

Compromised development processes – attackers insert malware into code during development or CI/CD pipelines.

Quick Explanation
This threat leverages trust in updates. If the delivery system or code integrity is compromised, attackers can distribute malware under the guise of an official patch or upgrade.

Why It Matters
These attacks can bypass user scrutiny, install silently, and affect a large user base quickly. Understanding this vector helps reinforce the importance of code signing, secure update channels, and supply chain security—core Security+ concepts.

25
Q

Which of the following answers does not refer to a common type of OS-based vulnerability?

A

Answer: All of the above answer choices are examples of OS-based vulnerabilities | Here are the answers: Access control and permissions vulnerabilities (weak passwords, privilege escalation), Vulnerabilities in installed applications, system utilities, and device drivers, Memory-related vulnerabilities (memory leaks, buffer overflows, race conditions), Patch and update management vulnerabilities (security patch and update delays, malicious updates), Vulnerabilities related to system/security misconfigurations, and Network-related vulnerabilities (DoS attacks, remote code execution attacks)

Explanation
Each item listed does fall under the umbrella of operating system (OS)-based vulnerabilities:

Access control and permissions vulnerabilities – e.g., weak passwords, improper privilege management.

Vulnerabilities in installed applications, system utilities, and device drivers – these often run with high privileges and are part of the OS environment.

Memory-related vulnerabilities – such as buffer overflows or race conditions, frequently exploited at the OS or kernel level.

Patch and update management issues – delayed updates or malicious patches directly impact OS security.

Misconfigurations – insecure default settings or improper hardening are classic OS-level weaknesses.

Network-related vulnerabilities – like DoS or RCE attacks often exploit OS networking stacks or services.