Practice Exam 8 Flashcards
(25 cards)
Which of the answers listed below refers to a security vulnerability that enables inserting malicious code into input fields, such as search bars or login forms, to execute unauthorized commands on a database?
Answer: SQLi
Concept (Quick Explanation)
SQL Injection (SQLi) is an attack where an attacker inserts malicious SQL code into input fields to manipulate a database.
Key Points
Exploits poor input validation in web apps.
Targets SQL databases through forms like logins/search bars.
Allows data theft, unauthorized access, or data manipulation.
Prevented by input sanitization, parameterized queries, and web app firewalls (WAFs).
Why It Matters
SQLi is a critical vulnerability that can lead to massive data breaches. It’s a top OWASP risk and a key topic for both Security+ and real-world application security.
Which of the following indicates an SQL injection attack attempt?
Answer: SELECT * FROM users WHERE userName = 'Alice' AND password = '' OR '1' = '1';
Concept (Quick Explanation)
This is an example of an SQL Injection attack where the attacker manipulates the SQL query to always return true.
Key Points
The injected portion is: '' OR '1'='1'
'1'='1' is always true, bypassing authentication.
Makes the query return all users instead of just a specific one.
Exploits lack of input validation or parameterized queries.
Why It Matters
This attack bypasses login controls, allowing attackers unauthorized access. Recognizing such patterns is crucial for securing apps and passing Security+.
Which of the answers listed below describe the characteristics of a cross-site scripting attack? (Select 3 answers)
Answer: Exploits the trust a user’s web browser has in a website, A malicious script is injected into a trusted website, and User’s browser executes attacker’s script
Concept (Quick Explanation)
XSS is an attack where malicious scripts are injected into trusted websites and executed by users’ browsers.
Key Points
Exploits the trust between a user’s browser and a legitimate website.
Attacker injects malicious script into web pages viewed by other users.
User’s browser executes the attacker’s script, often stealing cookies or session data.
Common types: Stored, Reflected, and DOM-based XSS.
Why It Matters
XSS can lead to account hijacking, data theft, and malware delivery. It’s a frequent web vulnerability important for securing applications and essential for the Security+ exam.
Which of the following answers refers to a type of software embedded into a hardware chip?
Answer: Firmware
Concept (Quick Explanation)
Firmware is software embedded directly into hardware chips to control device functions.
Key Points
Resides on non-volatile memory like ROM or flash memory.
Provides low-level control for hardware components.
Acts as the bridge between hardware and higher-level software.
Can be updated but usually less frequently than regular software.
Why It Matters
Firmware controls essential device operations; vulnerabilities here can compromise the entire system. Understanding firmware is key for hardware security and the Security+ exam.
Which of the terms listed below refers to a product’s life-cycle management phase in which a product is no longer being produced or sold?
Answer: EOL (End of Life)
Concept (Quick Explanation)
EOL means a product is no longer produced, sold, or supported by the manufacturer.
Key Points
No more updates, patches, or security fixes.
Using EOL products increases security risks.
Important to plan for replacement or upgrade before EOL.
Common in hardware, software, and firmware life cycles.
Why It Matters
Running EOL products leaves systems vulnerable to attacks due to lack of updates. Managing EOL is critical for maintaining security and compliance, which is vital for Security+.
What is the main vulnerability related to legacy hardware?
Answer: Lack of security updates and patches
Concept (Quick Explanation)
Legacy hardware often lacks security updates and patches, making it vulnerable.
Key Points
Older devices may no longer receive firmware or software updates.
Unpatched vulnerabilities can be exploited by attackers.
Compatibility issues with newer security tools.
Increased risk of hardware failure or security breaches.
Why It Matters
Using legacy hardware without updates exposes networks to attacks and compliance risks. Security+ emphasizes understanding these risks to protect infrastructure effectively.
The term “VM escape” refers to the process of breaking out of the boundaries of a guest operating system installation to access the primary hypervisor controlling all the virtual machines on the host machine.
Answer: True
Concept (Quick Explanation)
VM escape is when an attacker breaks out of a virtual machine (guest OS) to access the underlying hypervisor.
Key Points
Breaks the isolation between guest OS and host hypervisor.
Can lead to control over other VMs on the same host.
Usually exploits hypervisor vulnerabilities.
Critical risk in virtualized environments.
Why It Matters
VM escape can compromise multiple virtual machines and the host, causing widespread damage. Security+ highlights virtualization security, making this concept important.
Which of the following answers refers to a virtualization-related vulnerability where virtualized assets allocated to one VM are improperly isolated and can be accessed or compromised by another VM?
Answer: Resource reuse
Concept (Quick Explanation)
Resource reuse vulnerability occurs when virtual machines improperly share or reuse hardware resources, leading to potential data leakage or compromise.
Key Points
Happens when memory, CPU cache, or storage is not fully cleared between VM uses.
One VM can access residual data from another VM.
Breaks isolation between virtual machines.
Mitigated by proper resource clearing and secure hypervisor configurations.
Why It Matters
Improper resource reuse risks exposing sensitive data across VMs, weakening virtualization security—an important area in Security+.
Which of the answers listed below refers to a cloud-related vulnerability type?
Answer: All of the above | Here are the correct answers: Insecure APIs, Poor access controls, Lack of security updates, Misconfigured cloud storage, and Shadow IT / Malicious insiders
Concept (Quick Explanation)
Cloud vulnerabilities arise from misconfigurations, insecure interfaces, and poor controls within cloud environments.
Key Points
Insecure APIs: Poorly designed or exposed interfaces allow attacks.
Poor access controls: Excessive permissions or weak authentication.
Lack of security updates: Unpatched cloud services or components.
Misconfigured cloud storage: Publicly exposed data buckets.
Shadow IT / Malicious insiders: Unauthorized cloud usage or insider threats.
Why It Matters
Cloud is widely used but often misconfigured or poorly managed, making it a prime target. Security+ covers these vulnerabilities to ensure safe cloud adoption.
The practice of installing mobile apps from websites and app stores other than the official marketplaces is referred to as:
Answer: Sideloading
Concept (Quick Explanation)
Sideloading is installing mobile apps from unofficial sources outside official app stores.
Key Points
Bypasses official app vetting and security checks.
Increases risk of malware and malicious apps.
Common on Android devices; less common on iOS due to restrictions.
Requires user to enable installation from unknown sources.
Why It Matters
Sideloading can introduce malware and compromise device security. Understanding this helps protect mobile environments, a key topic in Security+.
Which of the following terms is used to describe the process of removing software restrictions imposed by Apple on its iOS operating system?
Answer: Jailbreaking
Concept (Quick Explanation)
Jailbreaking is the process of removing Apple’s software restrictions on iOS devices.
Key Points
Allows installation of unauthorized apps and tweaks.
Bypasses Apple’s security controls and app store policies.
Increases device vulnerability to malware and attacks.
Often used to customize iOS beyond Apple’s limits.
Why It Matters
Jailbreaking weakens built-in security, exposing devices to risks. Recognizing this is important for mobile security topics in Security+.
The term “Rooting” refers to the capability of gaining administrative access to the operating system and system applications on:
Answer: Android devices
Concept (Quick Explanation)
Rooting is gaining administrative (root) access to the Android operating system.
Key Points
Allows full control over the device and system apps.
Bypasses manufacturer restrictions.
Enables customization but increases security risks.
Can void warranties and disable updates.
Why It Matters
Rooting compromises device security by exposing it to malware and unauthorized changes. Understanding rooting is key for mobile security in Security+.
A type of attack aimed at exploiting a vulnerability that is present in already released software but unknown to the software developer is known as:
Answer: Zero-day attack
Concept (Quick Explanation)
A zero-day attack exploits a software vulnerability unknown to the developer and unpatched.
Key Points
Vulnerability is not publicly known or fixed.
Attackers exploit it before a patch is available.
Can cause severe damage due to lack of defenses.
Requires quick detection and response once discovered.
Why It Matters
Zero-day attacks are highly dangerous and hard to defend against, making them critical to understand for Security+ and real-world security.
Malware that restricts access to a computer system by encrypting files or locking the entire system down until the user performs the requested action is called:
Answer: Ransomware
Concept (Quick Explanation)
Ransomware is malware that encrypts files or locks a system, demanding payment to restore access.
Key Points
Encrypts user data or locks the system interface.
Demands ransom, usually in cryptocurrency, for decryption keys.
Spreads via phishing, malicious downloads, or vulnerabilities.
Prevention includes backups, patches, and user training.
Why It Matters
Ransomware can cause major data loss and financial damage. Understanding it is essential for Security+ and protecting organizations.
A Trojan horse is a type of software that performs harmful actions under the guise of a legitimate and useful program. The most characteristic feature of a Trojan horse is that while it may function as a legitimate program and possess all the expected functionalities, it also contains a concealed portion of malicious code that the user is unaware of.
Answer: True
Concept (Quick Explanation)
A Trojan horse is malware disguised as a legitimate program but contains hidden malicious code.
Key Points
Appears useful or harmless to the user.
Performs harmful actions without user knowledge.
Often used to steal data, install backdoors, or cause damage.
Requires user to execute or install it.
Why It Matters
Trojans trick users into installing malware, making user awareness and endpoint security critical—key Security+ concepts.
Which type of Trojan enables unauthorized remote access to a compromised system?
Answer: RAT (Remote Access Trojan)
Concept (Quick Explanation)
A RAT is a Trojan that allows attackers to remotely control a compromised system.
Key Points
Provides full remote access to the attacker.
Can steal data, install malware, or control the system.
Often used for espionage or further attacks.
Requires user to execute the Trojan to infect the system.
Why It Matters
RATs are dangerous because they give attackers stealthy control, making detection and prevention crucial for Security+.
A standalone malicious computer program that typically propagates itself over a computer network to adversely affect system resources and network bandwidth is referred to as:
Answer: Worm
Concept (Quick Explanation)
A worm is standalone malware that self-replicates and spreads over networks without user action.
Key Points
Propagates by exploiting vulnerabilities or network connections.
Consumes system resources and bandwidth.
Can carry payloads like ransomware or backdoors.
Different from viruses because it doesn’t need to attach to files.
Why It Matters
Worms can cause widespread network damage rapidly. Knowing their behavior is essential for network security and Security+.
Malicious software collecting information about users without their knowledge/consent is known as:
Answer: Spyware
Concept (Quick Explanation)
Spyware is malware that secretly collects user information without consent.
Key Points
Tracks browsing habits, keystrokes, or personal data.
Often bundled with legitimate software or via phishing.
Can slow down systems and compromise privacy.
Detection and removal require specialized anti-malware tools.
Why It Matters
Spyware invades privacy and can lead to identity theft, making it important to understand for Security+ and user protection.
Which of the answers listed below refer to the characteristic features of bloatware? (Select 3 answers)
Answer: Pre-installed on a device by the device manufacturer or retailer, Generally considered undesirable due to negative impact on system performance, and Installed without user consent
Concept (Quick Explanation)
Bloatware is unwanted software pre-installed on devices that often slows down system performance.
Key Points
Comes pre-installed by manufacturers or retailers.
Usually installed without explicit user consent.
Negatively impacts device speed and storage.
Often difficult to remove completely.
Why It Matters
Bloatware wastes resources and can introduce security risks, making awareness important for device management and Security+.
Which of the following answers refer to the characteristics of a PUP? (Select 3 answers)
Answer: Often installed without clear user consent, Can be pre-installed, downloaded, or bundled with other software, and Generally considered undesirable due to negative impact on system performance, privacy, and security
Concept (Quick Explanation)
PUPs are programs that users often don’t want, usually installed without clear consent, and negatively affect system performance and security.
Key Points
Installed without clear user consent.
Can be pre-installed, downloaded, or bundled with other software.
Often slow down systems and risk privacy/security.
Not always outright malware but unwanted.
Why It Matters
PUPs clutter systems and create security/privacy risks, so recognizing and managing them is important for Security+.
Which of the statements listed below apply to the definition of a computer virus? (Select 3 answers)
Answer: A self-replicating computer program containing malicious segment, Malware that typically requires its host application to be run to make the virus active, and Malicious code that typically attaches itself to an application program or other executable component
Concept (Quick Explanation)
A virus is malicious code that attaches to programs and requires execution to spread and activate.
Key Points
Self-replicates by attaching to executable files or programs.
Requires the host program to run for activation.
Contains malicious code that can harm systems or data.
Why It Matters
Viruses are a classic malware type, and understanding their behavior helps with detection and prevention in Security+.
Which of the following is an example of spyware?
Answer: Keylogger
Concept (Quick Explanation)
A keylogger is spyware that records every keystroke a user makes.
Key Points
Captures sensitive data like passwords and credit card numbers.
Can be hardware-based or software-based.
Often installed via malware or phishing attacks.
Used for stealing credentials and spying on user activity.
Why It Matters
Keyloggers compromise privacy and security by capturing confidential info, making them critical to understand for Security+.
Malicious code activated by a specific event is called:
Answer: Logic bomb
Concept (Quick Explanation)
A logic bomb is malicious code triggered by a specific event or condition.
Key Points
Remains dormant until triggered (e.g., date, action).
Can delete files, corrupt data, or disrupt systems.
Often hidden inside legitimate programs.
Hard to detect before activation.
Why It Matters
Logic bombs can cause targeted damage unexpectedly, so recognizing and defending against them is vital for Security+.
Which of the following answers refers to a collection of software tools used by a hacker to mask intrusion and obtain administrator-level access to a computer or computer network?
Answer: Rootkit
Concept (Quick Explanation)
A rootkit is a collection of tools that hide a hacker’s presence and help gain admin-level control.
Key Points
Conceals malware, files, processes, and network connections.
Provides persistent, stealthy access to the attacker.
Difficult to detect and remove.
Often used after initial system compromise.
Why It Matters
Rootkits enable deep, stealthy attacks, making detection and removal challenging—key for Security+ and real-world defense.