![[Tool] Sử dụng AsvScan để giảm thiểu các cuộc tấn công mạng khi có IOCs](https://quantribaomat.com/uploads/images/202406/image_430x256_667e3a37b171f.webp)
.jpg)
Exam #4 - Threats, Attacks, and Vulnerabilities - P.2
Nội dung: Các mối đe dọa, tấn công và lỗ hổng - P2 - Số câu: 15 - Yêu cầu: 13/15
1. Frank is a network administrator for a small college. He discovers that several machines on his network are infected with malware. That malware is sending a flood of packets to a target external to the network. What best describes this attack?
A. SYN flood
B. DDoS
C. Botnet
D. Backdoor
Trả lời đúng
Trả lời sai
2. Dennis uses an on-path attack to cause a system to send HTTPS traffic to his system and then forwards it to the actual server the traffic is intended for. What type of password attack can he conduct with the data he gathers if he captures all the traffic from a login form?
A. A plain-text password attack
B. A pass-the-hash attack
C. A SQL injection attack
D. A cross-site scripting attack
Trả lời đúng
Trả lời sai
3. Which of the following is not a common means of attacking RFID badges?
A. Data capture
B. Spoofing
C. Denial-of-service
D. Birthday attacks
Trả lời đúng
Trả lời sai
4. CVE is an example of what type of feed?
A. A threat intelligence feed
B. A vulnerability feed
C. A critical infrastructure listing feed
D. A critical virtualization exploits feed
Trả lời đúng
Trả lời sai
5. Farès is the network security administrator for a company that creates advanced routers and switches. He has discovered that his company’s networks have been subjected to a series of advanced attacks over a period of time. What best describes this attack?
A. DDoS
B. Brute force
C. APT
D. Disassociation attack
Trả lời đúng
Trả lời sai
6. What type of information is phishing not commonly intended to acquire?
A. Passwords
B. Email addresses
C. Credit card numbers
D. Personal information
Trả lời đúng
Trả lời sai
7. Matt discovers that a system on his network is sending hundreds of Ethernet frames to the switch it is connected to, with each frame containing a different source MAC address. What type of attack has he discovered?
A. Etherspam
B. MAC flooding
C. Hardware spoofing
D. MAC hashing
Trả lời đúng
Trả lời sai
8. Spyware is an example of what type of malware?
A. Trojan
B. PUP
C. RAT
D. Ransomware
Trả lời đúng
Trả lời sai
9. Which of the following is commonly used in a distributed denial-of-service (DDoS) attack?
A. Phishing
B. Adware
C. Botnet
D. Trojan
Trả lời đúng
Trả lời sai
10. Angela reviews the authentication logs for her website and sees attempts from many different accounts using the same set of passwords. What is this attack technique called?
A. Brute forcing
B. Password spraying
C. Limited login attacks
D. Account spinning
Trả lời đúng
Trả lời sai
11. What process typically occurs before card cloning attacks occur?
A. A brute-force attack
B. A skimming attack
C. A rainbow table attack
D. A birthday attack
Trả lời đúng
Trả lời sai
12. Which of the following is an attack that seeks to attack a website, based on the website’s trust of an authenticated user?
A. XSS
B. XSRF
C. Buffer overflow
D. RAT
Trả lời đúng
Trả lời sai
13. Angela has discovered an attack against some of the users of her website that leverage URL parameters and cookies to make legitimate users perform unwanted actions. What type of attack has she most likely discovered?
A. SQL injection
B. Cross-site request forgery
C. LDAP injection
D. Cross-site scripting
Trả lời đúng
Trả lời sai
14. Nathan discovers the following code in the directory of a compromised user. What language is it using, and what will it do?
echo "ssh-rsa ABBAB4KAE9sdafAK...Mq/jc5YLfnAnbFDRABMhuWzaWUp root@localhost" >> /root/.ssh/authorized_keys
A. Python, adds an authorized SSH key
B. Bash, connects to another system using an SSH key
C. Python, connects to another system using an SSH key
D. Bash, adds an authorized SSH key
Trả lời đúng
Trả lời sai
15. Michelle discovers that a number of systems throughout her organization are connecting to a changing set of remote systems on TCP port 6667. What is the most likely cause of this, if she believes the traffic is not legitimate?
A. An alternate service port for web traffic
B. Botnet command and control via IRC
C. Downloads via a peer-to-peer network
D. Remote access Trojans
Trả lời đúng
Trả lời sai
Cảm xúc của bạn?
Chung Đinh
QTV: Cộng đồng Quản Trị & Bảo Mật Hệ Thống. Mình sẽ luôn cố gắng phát triển cộng đồng theo tinh thần học hỏi và chia sẻ.
