CompTIA Security+ Review
All from free practice exams
Terms in this set (55)
B. Malware (X)
Harmful programs used to disrupt computer operation, gather sensitive information, or gain unauthorized access to computer systems are commonly referred to as:
A. A self-replicating computer program containing malicious segment (X)
B. Requires its host application to be run to make the virus active (X)
C. A standalone malicious computer program that replicates itself over a computer network
D. Can run by itself without any interaction
E. Attaches itself to an application program or other executable component (X)
F. A self-contained malicious program or code that does need a host to propagate itself
Which of the following statements apply to the definition of a computer virus? (Select 3 answers)
B. Ransomware (X)
Which of the terms listed below refers to an example of a crypto-malware?
Malware that restricts access to a computer system by encrypting files or locking the entire system down until the user performs requested action is known as:
A standalone malicious computer program that typically propagates itself over a computer network to adversely affect system resources and network bandwidth is called:
A. True (X)
A type of software that performs unwanted and harmful actions in disguise of a legitimate and useful program is known as a Trojan horse. This type of malware may act like a legitimate program and have all the expected functionalities, but apart from that it will also contain a portion of malicious code that the user is unaware of.
A collection of software tools used by a hacker to mask intrusion and obtain administrator-level access to a computer or computer network is known as:
A. Keylogger (X)
B. Vulnerability scanner
C. Computer worm
D. Packet sniffer
Which of the following answers lists an example of spyware?
A. Unsolicited or undesired electronic messages
B. Malicious program that sends copies of itself to other computers on the network
C. Software that displays advertisements (X)
D. Malicious software that collects information about users without their knowledge
What is adware?
Malicious software collecting information about users without their knowledge/consent is known as:
A malware-infected networked host under remote control of a hacker is commonly referred to as:
B. Botnet (X)
C. Quarantine network
Which of the terms listed below applies to a collection of intermediary compromised systems that are used as a platform for a DDoS attack?
B. RAT (X)
Which type of Trojan enables unauthorized remote access to a compromised system?
Malicious code activated by a specific event is called:
Which of the following answers refers to an undocumented (and often legitimate) way of gaining access to a program, online service, or an entire computer system?
An unauthorized practice of obtaining confidential information by manipulating people into disclosing sensitive data is referred to as:
A. Phishing (X)
B. Watering hole attack
C. Social engineering (X)
A fraudulent email requesting its recipient to reveal sensitive information (e.g. username and password) used later by an attacker for the purpose of identity theft is an example of: (Select all that apply)
A social engineering technique whereby attackers under disguise of a legitimate request attempt to gain access to confidential information they shouldn't have access to is commonly referred to as:
Phishing scams targeting a specific group of people are referred to as:
Phishing scams targeting people holding high positions in an organization or business are known as:
The practice of using a telephone system to manipulate a user into disclosing confidential information is called:
Gaining unauthorized access to restricted areas by following another person
What is tailgating?
Which social engineering attack relies on identity theft?
A. True (X)
In computer security, the term "Dumpster diving" is used to describe a practice of sifting through trash for discarded documents containing sensitive data. Found documents containing names and surnames of the employees along with the information about positions held in the company and other data can be used to facilitate social engineering attacks. Having the documents shredded or incinerated before disposal makes dumpster diving less effective and mitigates the risk of social engineering attacks.
A situation in which an unauthorized person can view another user's display or keyboard to learn their password or other confidential information is referred to as:
B. Ransomware (X)
D. Logic Bombs
Explanation: Ransomware software takes control of a system by encrypting the hard drive or changing a password and requires the user to pay an extortion to revert their system back to normal.
Which of the following types of malware delivery, usually through a Trojan, includes demands for payment?
C. Rootkit (X)
Explanation: The primary function of a rootkit is to become undetectable and mask its functions from the operating system. Crypto malware encrypts files, drives and even networks quite visibly. Ransomware cripples user interaction until a fee is paid. A worm's primary function is to multiply and spread.
Review the malware related compromises listed. Which type of malware can make its presence and that of its accompanying payload invisible to the system?
The act of pretending to be the proper owner of an address or the provider of a service, when another system is actually the true provider, is referred to as ___________.
Explanation: The White Box Model of penetration testing treats the attacker as a trusted insider giving them considerable network knowledge and combining it with an advanced skill set. The parameters of the attack are designed by upper management and the White Box tester will report only to upper management. Gray box testing is a hybrid of White Box and Black Box methodology and its focus is determined by the client's management team. Reporting will be specified in the attack plan. The Black Box attack will have less information about the network and the attacker will require a higher skill set by first gaining access to the target then finding and exploiting any vulnerabilities.
Which type of network penetration attack model requires an attacker to have the highest skill level?
A. Packet sniffer
B. Vulnerability scanner (X)
C. Risk scanner
D. Port scanner
Explanation: Vulnerability scanners such as Nmap normally use an updated database of known security vulnerabilities and misconfigurations for various operating systems and network devices. This database is compared against a single host or a network scan to determine whether any hosts or devices are vulnerable. Reports can then be generated from the scan. Network scans can also reveal the presence of rogue systems and re-route traffic through attacker systems for unauthorized detailed traffic examination.
Which one of the listed tools scans for known security threats on groups of computers?
A. Tunnel mode
B. TLS (X)
Explanation: IPsec offers greater overall protection than TLS. IPsec uses the Authentication Header protocol (AH) for authentication and the Encapsulating Security Payload (ESP) for confidentiality. IPsec operates in both transport mode and the more secure tunnel mode.
The IPsec protocol suite uses all but one of the choices listed below. Which of these is NOT relevant to IPsec?
2 and 3
Explanation: A multilayer switch operates at Layers 2 and 3. Considering Layer 2 vs. Layer 3 operation, the Layer 3 switch will outperform a router on VLANs because the Layer 3 switch has both a MAC address table and an IP routing table.
You have a multilayer switch. Which layers does it operate at?
B. Honeypot (X)
Which choice listed below describes the deployment of a network device in order to conduct academic research or detect attackers inside the organization's network perimeter?
A. Insider threat
B. Unauthorized software
D. Misconfigured firewall (X)
Explanation: A misconfigured firewall would prevent the local service from being able to connect to a service on a different machine over the network.
A service on a local server cannot communicate with its database server running on another machine. The database server is functioning correctly and all network connections are working properly. What is most likely causing this issue?
C. HIDS (X)
The host-based intrusion detection system can be referred to as which of the following?
A. Application control
B. Asset tracking
C. Guest network (X)
D. Device access controls
A simple way to keep viruses, spyware and other malware from attacking your network while allowing BYOD is to use which of the following?
B. Network segmentation and security layers (X)
C. Application firewalls
Explanation: Network segmentation divides your network into segments, with each connection point protected by its own security features such as firewalls and IDS.
Which of the following methods would, generally speaking, be the most basic method to mitigate security risks on a network?
A. Device encryption
B. Remote wipe
C. Application control
D. Storage segmentation (X)
Explanation: Storage segmentation on a mobile device is used to keep personal and company data separate. Company data can also be encrypted by using storage segmentation.
Which of the following BYOD security measures would allow separation between work and personal data?
B. Secure Boot checking each digital certificate (X)
D. Hardware root of trust
Explanation: Secure Boot is used in conjunction with UEFI to ensure the system boots from trusted software and firmware. HSM is a secure cryptographic processor. Attestation is a method of ensuring executable integrity against a set of known and trusted executables. The hardware root of trust is the first step in the chain of trust, which ensures a machine is able to boot to a trusted operating system.
UEFI is a new technology that is starting to replace the system BIOS and has several additional features. Which of these best identifies the security standard used along with UEFI to confirm that only trusted software and firmware is used to access a trusted operating system?
C. Software trust
D. Secure system design (X)
Explanation: Deploying least functionality and disabling unnecessary ports and services are elements of secure system design. The least functionality concept restricts a user to having only the permissions necessary to perform his/her duties. Disabling unnecessary ports and services reduces the attack surface of the system.
Deploying least functionality along with disabling unnecessary ports and services are two methods of ________________. (Choose the best answer.)
A. Multifactor authentication
B. Ticket granting
C. The AAA model (X)
Explanation: AAA stands for authentication, authorization and accounting. It refers to the security architecture for distributed systems for controlling which users are allowed access to which services, and tracking which resources they have used.
The three-step process of authentication, authorization, and accounting is usually referred to as which of the following choices below?
B. Open ID Connect
C. Transitive trust (X)
Explanation: Transitive trusts are created automatically in the Microsoft Active Directory (AD) forest. The other choices describe federated SSO systems.
Which term describes the automatic creation of a two-way relationship between child and parent domains in a Microsoft AD forest?
C. Digital signatures (X)
Explanation: Multifactor authentication requires identification from at least one means of authentication from at least two of three factors. Common factors are something you know, something you have and something about you.
Multifactor authentication uses at least two of three possible authentication methods to identify a user. Which of the following is not one of the generally accepted methods?
Explanation: Secure LDAP is essential to maintaining a secure connection with the Microsoft DC. The protocol provides transport of services and applications while allowing secure authentication.
Also known as LDAPS, which protocol-enabled connection allows authentication to the Microsoft DC and provides additional services?
A. Iris scanner
B. Retinal scanner
C. Facial recognition (X)
D. All of these
Choose the biometric authentication method that uses nodal points to identify the user.
Explanation: An Interconnection Security Agreement (ISA) is intended to address the security of transmitted data of both parties in the agreement. This includes VPN tunnels and any data transmitted over the network.
Your company's standard operating procedure for onboarding includes an agreement targeted at minimizing the security risks involving transmitted data. What is the name of this agreement?
A. Job rotation
B. Mandatory vacations
C. Separation of duties
D. None of the above (X)
Explanation: Clean desk policy is a workspace security policy dealing with securing all sensitive data regardless of format when a workspace will be unattended. The other answers involve how, where, and when an employee works.
Which personnel management policy involves securing all sensitive data regardless of format (paper or digital) when an employee's workspace will be unattended?
Which risk strategy is in use if a company is NOT implementing a countermeasure to a risk while realizing the potential risk?
The acceptable risk level is determined by each organization individually.
What is considered an acceptable level of risk?
A. System failure (X)
Which of the following is an internal threat?
Explanation: Collisions occur in hashing when different inputs result in the exact same hash. This is very rare but has been proven possible even with Secure Hashing Algorithm 1 (SHA-1).
Which term describes multiple inputs resulting in the same hash value?
Explanation: Elliptic Curve Diffie-Hellman (ECDH) uses elliptic curve cryptography instead of the large prime numbers associated with standard Diffie-Hellman cryptography. Diffie-Hellman Ephemeral keys are used only once, then discarded.
Which approach to cryptographic key exchange uses elliptic curve cryptography?
Explanation: Nonrepudiation is the practice of using a trusted third party to verify the authenticity of a party who sends a message.
The ability to verify that the sender of a message actually did send the message, and that it was not tampered with in transit, is a benefit of cryptography known as ____________.
Explanation: Cryptography protects data that is at rest (stored on a disk), in-transit (email or Internet), or in use by a device such as a printer.
Cryptographic protection can be applied to data in any of three states. Which of these is not one of those states?
Explanation: Crypto service providers use crypto modules to perform tasks such as key generation, storage, and authentication.
Crypto service providers use crypto _________ to perform specific tasks.