What type of attack occurs when data goes beyond the memory areas allocated to an application?
Buffer overflow✅
RAM spoofing
SQL injection
RAM injection
A buffer overflow occurs when data is written beyond the limits of a buffer. By changing data beyond the boundaries of a buffer, the application can access memory allocated to other processes. This can lead to a system crash or data compromise, or provide escalation of privileges.
Question 2
Which of the following statements describes a distributed denial of service (DDoS) attack?
One computer accepts data packets based on the MAC address of another computer
An attacker sends an enormous quantity of data that a server cannot handle
An attacker monitors network traffic to learn authentication credentials
A botnet of zombies, coordinated by an attacker, overwhelms a server with DoS attacks✅
In a distributed denial-of-service (DDoS) attack, the attacker utilizes multiple compromised computer systems called zombies to attack a targeted server. The target is overwhelmed and cannot service requests from other hosts.
Question 3
Employees in an organization report that the network access is slow. Further investigation reveals that one employee downloaded a third-party scanning program for the printer.
What type of malware may have been introduced?
Spam
Worm✅
Phishing
Trojan horse
A worm is malicious software that can spread through the network and run without user participation. Worms will usually slow down the network.
Question 4
Employees in an organization report that they cannot access the customer database on the main server. Further investigation reveals that the database file is now encrypted. Shortly afterward, the organization receives a threatening email demanding payment for the decryption of the database file.
What type of attack has the organization experienced?
Trojan horse
DoS attack
Man-in-the-middle attack
Ransomware✅
In a ransomware attack, the attacker compromises the victim computer and encrypts the hard drive so that data can no longer be accessed by the user. The attacker then demands payment from the user to decrypt the drive.
Question 5
A penetration test carried out by an organization identified a backdoor on the network. What action should the organization take to find out if their systems have been compromised?
Scan the systems for viruses
Look for unauthorized accounts✅
Look for policy changes in Event Viewer
Look for usernames that do not have passwords
If a penetration test is successful, the corporation should check to locate vulnerabilities in the network and also check to see if there are new unauthorized accounts.
Question 6
What non-technical method could a cybercriminal use to gather sensitive information from an organization?
Pharming
Social engineering✅
Man-in-the-middle
Ransomware
Social engineering is a very effective way to get personal or sensitive corporate information from an employee. Cybercriminals may try to get to know an employee and then use trust or familiarity to gather the needed information.
Question 7
A secretary receives a phone call from someone claiming that their manager is about to give an important presentation but the presentation files are corrupted.
The caller sternly asks that the secretary email the presentation right away to a personal email address. The caller also states that the secretary is being held personally responsible for the success of this presentation.
What type of social engineering tactic is the caller using?
Urgency
Familiarity
Trusted partners
Intimidation✅
Intimidation is a tactic that cybercriminals will often use to bully a victim into taking an action that compromises security.
Question 8
All employees in an organization receive an email stating that their account password will expire immediately and that they should reset their password within five minutes.
Which of the following statements best describes this email?
It is a hoax✅
It is an impersonation attack
It is a piggyback attack
It is a DDoS attack
A hoax is an act intended to deceive or trick someone. This type of email can cause unnecessary disruption, extra work, and fear.
Question 9
Which best practices can help defend against social engineering attacks?
Select three correct answers
Resist the urge to click on enticing web links✅
Deploy well-designed firewall appliances
Enable a policy that states that the IT department should supply information over the phone only to managers
Do not provide password resets in a chat window✅
Add more security guards
Educate employees regarding security policies
Employees should be taught to avoid getting caught in a social engineering situation. They should never click a link in an email from an unknown source, never share a password, and never send sensitive corporate information under pressure to an unknown destination.
Question 10
What do you call an impersonation attack that takes advantage of a trusted relationship between two systems?
Spamming
Man-in-the-middle
Sniffing
Spoofing✅
In spoofing attacks, hackers can disguise their devices by using a valid address from the network and therefore bypass authentication processes. MAC addresses and IP addresses can be spoofed and can also be used to spoof ARP relationships.
Question 11
A cybercriminal sends a series of maliciously formatted packets to a database server, which causes the server to crash.
What do you call this type of attack?
Man-in-the-middle
DoS✅
Packet injection
SQL injection
In a denial-of-service (DoS) attack, the attacker attempts to make a server or other network resource unavailable to legitimate users.
Question 12
The awareness and identification of vulnerabilities is a critical function of a cybersecurity specialist. Which of the following resources can they use to identify specific details about vulnerabilities?
CVE national database✅
Infragard
ISO/IEC 27000 model
NIST/NICE framework
The United States Computer Emergency Readiness Team (US-CERT) and the U.S. Department of Homeland Security sponsor a dictionary of common vulnerabilities and exposures (CVE).
Each CVE entry contains a standard identifier number, a brief description of the security vulnerability and any important references to related vulnerability reports. The CVE list is maintained by a not-for-profit, the MITRE Corporation, on its public website.