CompTIA Academic/E2C Security Certification Exam Voucher Only
Question No: 511 – (Topic 3)
A security specialist has been asked to evaluate a corporate network by performing a vulnerability assessment. Which of the following will MOST likely be performed?
Identify vulnerabilities, check applicability of vulnerabilities by passively testing security controls.
Verify vulnerabilities exist, bypass security controls and exploit the vulnerabilities.
Exploit security controls to determine vulnerabilities and misconfigurations.
Bypass security controls and identify applicability of vulnerabilities by passively testing security controls.
Answer: A Explanation:
We need to determine if vulnerabilities exist by passively testing security controls.
A vulnerability scan is the automated process of proactively identifying security vulnerabilities of computing systems in a network in order to determine if and where a system can be exploited and/or threatened. While public servers are important for communication and data transfer over the Internet, they open the door to potential security breaches by threat agents, such as malicious hackers.
Vulnerability scanning employs software that seeks out security flaws based on a database of known flaws, testing systems for the occurrence of these flaws and generating a report of the findings that an individual or an enterprise can use to tighten the network's security. Vulnerability scanning typically refers to the scanning of systems that are connected to the Internet but can also refer to system audits on internal networks that are not connected to the Internet in order to assess the threat of rogue software or malicious employees in an enterprise.
Question No: 512 – (Topic 3)
A security analyst, Ann, is reviewing an IRC channel and notices that a malicious exploit has been created for a frequently used application. She notifies the software vendor and asks them for remediation steps, but is alarmed to find that no patches are available to mitigate this vulnerability.
Which of the following BEST describes this exploit?
Malicious insider threat
Answer: B Explanation:
A zero day vulnerability refers to a hole in software that is unknown to the vendor. This security hole is then exploited by hackers before the vendor becomes aware and hurries to fix it; this exploit is called a zero day attack. Uses of zero day attacks can include infiltrating malware, spyware or allowing unwanted access to user information. The term “zero day” refers to the unknown nature of the hole to those outside of the hackers, specifically, the developers. Once the vulnerability becomes known, a race begins for the developer, who must protect users.
In this question, no patches are available to mitigate the vulnerability. This is therefore a zero-day vulnerability.
Question No: 513 – (Topic 3)
An administrator has advised against the use of Bluetooth phones due to bluesnarfing concerns.
Which of the following is an example of this threat?
An attacker using the phone remotely for spoofing other phone numbers
Unauthorized intrusions into the phone to access data
The Bluetooth enabled phone causing signal interference with the network
An attacker using exploits that allow the phone to be disabled
Bluesnarfing is the theft of information from a wireless device through a Bluetooth connection. Bluetooth is a high-speed but very short-range wireless technology for exchanging data between desktop and mobile computers, personal digital assistants (PDAs), and other devices. By exploiting a vulnerability in the way Bluetooth is implemented on a mobile phone, an attacker can access information – such as the user's calendar, contact list and e-mail and text messages – without leaving any evidence of the attack. Other devices that use Bluetooth, such as laptop computers, may also be vulnerable, although to a lesser extent, by virtue of their more complex systems. Operating in invisible mode protects some devices, but others are vulnerable as long as Bluetooth is enabled.
Question No: 514 – (Topic 3)
Based on information leaked to industry websites, business management is concerned that unauthorized employees are accessing critical project information for a major, well-known new product. To identify any such users, the security administrator could:
Set up a honeypot and place false project documentation on an unsecure share.
Block access to the project documentation using a firewall.
Increase antivirus coverage of the project servers.
Apply security updates and harden the OS on all project servers.
Answer: A Explanation:
In this scenario, we would use a honeypot as a ‘trap’ to catch unauthorized employees who are accessing critical project information.
A honeypot is a system whose purpose it is to be attacked. An administrator can watch and study the attack to research current attack methodologies.
According to Webopedia.com, a honeypot, by luring a hacker into a system, serves several main purposes:
The administrator can watch the hacker exploit the vulnerabilities of the system, thereby learning where the system has weaknesses that need to be redesigned.
The hacker can be caught and stopped while trying to obtain root access to the system.
By studying the activities of hackers, designers can better create more secure systems that are potentially invulnerable to future hackers.
There are two main types of honeypots:
Production – A production honeypot is one used within an organization's environment to help mitigate risk.
Research – A research honeypot adds value to research in computer security by providing a platform to study the threat.
Question No: 515 – (Topic 3)
A process in which the functionality of an application is tested without any knowledge of the internal mechanisms of the application is known as:
Black box testing
White box testing
Black hat testing
Gray box testing
Answer: A Explanation:
Black-box testing is a method of software testing that examines the functionality of an application without peering into its internal structures or workings. This method of test can be applied to virtually every level of software testing: unit, integration, system and acceptance. It typically comprises most if not all higher level testing, but can also dominate unit testing as well.
Specific knowledge of the application's code/internal structure and programming knowledge in general is not required. The tester is aware of what the software is supposed to do but is not aware of how it does it. For instance, the tester is aware that a particular input returns a certain, invariable output but is not aware of how the software produces the output in the first place.
Question No: 516 – (Topic 3)
Jane, a security analyst, is reviewing logs from hosts across the Internet which her company uses to gather data on new malware. Which of the following is being implemented by Jane’s company?
Answer: B Explanation:
The Internet hosts used to gather data on new malware are known as honeypots. A collection of honeypots is known as a honeynet.
A honeynet is a network set up with intentional vulnerabilities; its purpose is to invite attack, so that an attacker's activities and methods can be studied and that information used to increase network security. A honeynet contains one or more honeypots, which are computer systems on the Internet expressly set up to attract and "trap" people who attempt to penetrate other people's computer systems. Although the primary purpose of a honeynet is to gather information about attackers' methods and motives, the decoy network can benefit its operator in other ways, for example by diverting attackers from a real network and its resources. The Honeynet Project, a non-profit research organization dedicated to computer security and information sharing, actively promotes the deployment of honeynets. In addition to the honeypots, a honeynet usually has real applications and services so that it seems like a normal network and a worthwhile target. However, because the honeynet doesn't actually serve any authorized users, any attempt to contact the network from without is likely an illicit attempt to breach its security, and any outbound activity is likely evidence that a system has been compromised. For this reason, the suspect information is much more apparent than it would be in an actual network, where it would have to be found amidst all the legitimate network data. Applications within a honeynet are often given names such as "Finances" or "Human Services" to make them sound appealing to the attacker.
A virtual honeynet is one that, while appearing to be an entire network, resides on a single server.
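The detection rule stated above (nobody legitimate ever contacts a honeynet, and a honeypot never initiates traffic) is simple enough to script. The following Python is an added example, not from the original page or any exam vendor; the honeynet range 10.99.0.0/24 and the flow records are constructed for illustration. It also covers the Question 514 scenario, where an internal user touching the decoy share is the signal the administrator is looking for.

```python
import ipaddress

# Constructed honeynet address range (assumption, not from the page).
HONEYNET = ipaddress.ip_network("10.99.0.0/24")

# Constructed sample flow records: "timestamp src_ip dst_ip dst_port proto".
# Line 1: ordinary internal traffic.  Line 2: external host probing a decoy.
# Line 3: a decoy talking outbound (compromise indicator).
# Line 4: an internal workstation opening the decoy share (insider, Q514).
SAMPLE_FLOWS = """\
2024-01-01T10:00:01 10.20.5.17 10.20.5.40 445 tcp
2024-01-01T10:00:02 203.0.113.9 10.99.0.12 22 tcp
2024-01-01T10:00:03 10.99.0.12 198.51.100.7 4444 tcp
2024-01-01T10:00:04 10.20.5.17 10.99.0.30 445 tcp
"""


def classify_flow(src, dst):
    """Return a verdict for one flow based only on honeynet membership."""
    src_in = ipaddress.ip_address(src) in HONEYNET
    dst_in = ipaddress.ip_address(dst) in HONEYNET
    if src_in:
        # A decoy has no users, so traffic it initiates means it was taken over.
        return "outbound-from-honeynet"
    if dst_in:
        # No authorized service lives here, so any contact is a probe or intrusion.
        return "inbound-to-honeynet"
    return "normal"


def triage(flow_text):
    """Parse flow lines and return (timestamp, src, dst, port, verdict) alerts."""
    alerts = []
    for line in flow_text.splitlines():
        if not line.strip():
            continue
        ts, src, dst, port, _proto = line.split()
        verdict = classify_flow(src, dst)
        if verdict != "normal":
            alerts.append((ts, src, dst, int(port), verdict))
    return alerts


if __name__ == "__main__":
    for alert in triage(SAMPLE_FLOWS):
        print(*alert)
```

Outbound alerts deserve the higher priority: an inbound hit tells you who is looking, an outbound one tells you the decoy itself is now an attacker's foothold.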
Question No: 517 – (Topic 3)
Which of the following is an indication of an ongoing current problem?
Answer: C Explanation:
An alarm indicates that something is wrong and needs to be resolved as soon as possible. Alarms usually continue to sound until the problem is resolved or the alarm is manually silenced.
Question No: 518 – (Topic 3)
Maintenance workers find an active network switch hidden above a dropped-ceiling tile in the CEO’s office with various connected cables from the office. Which of the following describes the type of attack that was occurring?
Answer: B Explanation:
A Protocol Analyzer is a hardware device or more commonly a software program used to capture network data communications sent between devices on a network. Capturing packets sent from a computer system is known as packet sniffing. However, packet sniffing requires a physical connection to the network. The switch hidden in the ceiling is used to provide the physical connection to the network.
Well known software protocol analyzers include Message Analyzer (formerly Network Monitor) from Microsoft and Wireshark (formerly Ethereal).
A sniffer (packet sniffer) is a tool that intercepts data flowing in a network. If computers are connected to a local area network that is not filtered or switched, the traffic is broadcast to all computers contained in the same segment. Normally this is not a problem, since computers are told to ignore all the comings and goings of traffic addressed to other computers. However, in the case of a sniffer, all traffic is shared when the sniffer software commands the Network Interface Card (NIC) to stop ignoring that traffic. The NIC is put into promiscuous mode, and it reads communications between computers within a particular segment. This allows the sniffer to seize everything that is flowing in the network, which can lead to the unauthorized access of sensitive data. A packet sniffer can take the form of either a hardware or software solution. A sniffer is also known as a packet analyzer.
Question No: 519 – (Topic 3)
A new virtual server was created for the marketing department. The server was installed on an existing host machine. Users in the marketing department report that they are unable to connect to the server. Technicians verify that the server has an IP address in the same VLAN as the marketing department users. Which of the following is the MOST likely reason the users are unable to connect to the server?
The new virtual server’s MAC address was not added to the ACL on the switch
The new virtual server’s MAC address triggered a port security violation on the switch
The new virtual server’s MAC address triggered an implicit deny in the switch
The new virtual server’s MAC address was not added to the firewall rules on the switch
Answer: A Explanation:
Configuring the switch to allow only traffic from computers based upon their physical address is known as MAC filtering. The physical address is known as the MAC address. Every network adapter has a unique MAC address hardcoded into the adapter.
You can configure the ports of a switch to allow connections from computers with specific MAC addresses only and block all other MAC addresses.
In computer networking, MAC filtering (or layer 2 address filtering) refers to a security access control method whereby the 48-bit address assigned to each network card is used to determine access to the network.
MAC addresses are uniquely assigned to each card, so using MAC filtering on a network permits and denies network access to specific devices through the use of blacklists and whitelists. While the restriction of network access through the use of lists is straightforward, an individual person is not identified by a MAC address, rather a device only, so an authorized person will need to have a whitelist entry for each device that he or she would use to access the network.
Question No: 520 – (Topic 3)
Which of the following types of attacks involves interception of authentication traffic in an attempt to gain unauthorized access to a wireless network?
Near field communication
Answer: B Explanation:
An initialization vector is a random number used in combination with a secret key as a means to encrypt data. This number is sometimes referred to as a nonce, or “number occurring once,” as an encryption program uses it only once per session.
An initialization vector is used to avoid repetition during the data encryption process, making it impossible for hackers who use a dictionary attack to decrypt the exchanged encrypted message by discovering a pattern. Exploiting a weak or repeated IV is known as an IV attack.
A particular binary sequence may be repeated more than once in a message, and the more it appears, the more the encryption method is discoverable. For example if a one-letter word exists in a message, it may be either “a” or “I” but it can’t be “e” because the word “e” is non-sensical in English, while “a” has a meaning and “I” has a meaning. Repeating the words and letters makes it possible for software to apply a dictionary and discover the binary sequence corresponding to each letter.
Using an initialization vector changes the binary sequence corresponding to each letter, enabling the letter “a” to be represented by a particular sequence in the first instance, and then represented by a completely different binary sequence in the second instance.
WEP (Wired Equivalent Privacy) is vulnerable to an IV attack. Because RC4 is a stream cipher, the same traffic key must never be used twice. The purpose of an IV, which is transmitted as plain text, is to prevent any repetition, but a 24-bit IV is not long enough to ensure this on a busy network. The way the IV was used also opened WEP to a related key attack. For a 24-bit IV, there is a 50% probability the same IV will repeat after 5000 packets.
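The "50% after about 5000 packets" figure is just the birthday problem applied to a 24-bit IV space, and it can be checked numerically. The following Python is an added example, not from the original page; the 48-bit comparison size is an assumption chosen only to show how the repeat point scales with IV length.

```python
import math

IV_BITS = 24               # WEP's IV length
IV_SPACE = 2 ** IV_BITS    # 16,777,216 possible IV values


def repeat_probability(packets, space=IV_SPACE):
    """Exact probability that at least one IV value repeats among `packets`
    IVs chosen uniformly at random from `space` values (birthday problem).
    The no-collision product is accumulated in log space to avoid underflow."""
    if packets > space:
        return 1.0  # pigeonhole: more packets than IVs guarantees a repeat
    log_no_collision = 0.0
    for i in range(packets):
        log_no_collision += math.log1p(-i / space)
    return 1.0 - math.exp(log_no_collision)


def packets_for_probability(target=0.5, space=IV_SPACE):
    """Closed-form birthday estimate of how many random IVs are needed before
    the repeat probability reaches `target`: n ~ sqrt(2 * N * ln(1/(1-p)))."""
    return math.ceil(math.sqrt(2 * space * math.log(1.0 / (1.0 - target))))


def sequential_iv_repeats(packets, space=IV_SPACE):
    """If the IV is a simple counter rather than random, the first repeat is
    deterministic: it happens once the counter wraps, i.e. after `space` packets."""
    return packets > space


if __name__ == "__main__":
    for n in (1000, 4823, 5000, 10000):
        print(f"{n:6d} packets: P(repeat) = {repeat_probability(n):.3f}")
    print("50% point for 24-bit IV:", packets_for_probability())
    # Assumed comparison size, not a WEP parameter: a 48-bit IV.
    print("50% point for 48-bit IV:", packets_for_probability(space=2 ** 48))
```

A busy access point can push 5000 frames in well under a minute, which is why IV reuse in WEP is a certainty rather than a risk, and why WPA2/WPA3 replaced it.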