Exam #3 - Threats, Attacks, and Vulnerabilities - P.1

Content: Threats, attacks, and vulnerabilities - Number of questions: 15 - Required: 13/15

Aug 17, 2023 - 00:00
Aug 17, 2023 - 00:27

1. You are responsible for incident response at ASV Bank. The ASV Bank website has been attacked. The attacker used the login screen, but rather than enter login credentials, they entered some odd text: ' or '1' = '1. What is the best description for this attack?

A. Cross-site scripting
B. Cross-site request forgery
C. SQL injection
D. ARP poisoning

2. Ann is deeply concerned about attacks on his company’s e-commerce server. He is particularly worried about cross-site scripting and SQL injection. Which of the following would best defend against these two specific attacks?

A. Encrypted web traffic
B. Input validation
C. A firewall

3. What type of attack depends on the attacker entering JavaScript into a text area that is intended for users to enter text that will be viewed by other users?

A. SQL injection
B. Clickjacking
C. Cross-site scripting
D. Bluejacking

4. What term is used to describe spam over Internet messaging services?

D. TwoFaceTiming

5. Marry is the security manager for a mid-sized insurance company. She receives a call from law enforcement, telling her that some computers on her network participated in a massive denial-of-service (DoS) attack. Marry is certain that none of the employees at her company would be involved in a cybercrime. What would best explain this scenario?

A. It is a result of social engineering.
B. The machines all have backdoors.
C. The machines are bots.
D. The machines are infected with crypto-viruses.

6. Tom wants to detect a potential insider threat using his security information and event management (SIEM) system. What capability best matches his needs?

A. Sentiment analysis
B. Log aggregation
C. Security monitoring
D. User behavior analysis

7. Teresa is concerned about attacks against an application programming interface (API) that her company provides for its customers. What should she recommend to ensure that the API is only used by customers who have paid for the service?

A. Require authentication
B. Install and configure a firewall
C. Filter by IP address
D. Install and use an IPS

8. What type of attack is based on sending more data to a target variable than the data can actually hold?

A. Bluesnarfing
B. Buffer overflow
C. Bluejacking
D. Cross-site scripting

9. You have been asked to test your company network for security issues. The specific test you are conducting involves primarily using automated and semiautomated tools to look for known vulnerabilities with the various systems on your network. Which of the following best describes this type of test?

A. Vulnerability scan
B. Penetration test
C. Security audit
D. Security test

10. Yan wants to gain admission to a network that is protected by a network access control (NAC) system that recognizes the hardware address of systems. How can he bypass this protection?

A. Spoof a legitimate IP address.
B. Conduct a denial-of-service attack against the NAC system.
C. Use MAC cloning to clone a legitimate MAC address.
D. None of the above

11. Which of the following best describes a collection of computers that have been compromised and are being controlled from one central point?

A. Zombienet
B. Botnet
C. Nullnet
D. Attacknet

12. John wants to prevent SSRF attacks. Which of the following will not be helpful for preventing them?

A. Removing all SQL code from submitted HTTP queries
B. Blocking hostnames like 127.0.01 and localhost
C. Blocking sensitive URLs like /admin
D. Applying whitelist-based input filters

13. What type of attack is based on entering fake entries into a target network’s domain name server?

A. DNS poisoning
B. ARP poisoning
C. XSS poisoning
D. CSRF poisoning

14. Which of the following capabilities is not a key part of a SOAR (security orchestration, automation, and response) tool?

A. Threat and vulnerability management
B. Security incident response
C. Automated malware analysis
D. Security operations automation

15. John discovers that email from his company’s email servers is being blocked because of spam that was sent from a compromised account. What type of lookup can he use to determine what vendors like McAfee and Barracuda have classified his domain as?

A. An nslookup
B. A tcpdump
C. A domain reputation lookup
D. A SMTP whois
