October 2018

Article

29 Oct

Posted at 20:46h in Practice Test Questions by

[vc_row row_type="row" use_row_as_full_screen_section="no" type="full_width" angled_section="no" text_align="left" background_image_as_pattern="without_pattern" css_animation=""][vc_column][vc_column_text]Preparing for your next security certification exam? After trying your hand at this practice test question, join the FREE CertMike Study Group for the CISSP, Security+, CySA+, or SSCP certification to receive new questions each week. You’ll also receive free access to my customized study strategies.[/vc_column_text][vc_row_inner row_type="row" type="full_width" text_align="left" css_animation=""][vc_column_inner][/vc_column_inner][/vc_row_inner][/vc_column][/vc_row][vc_row row_type="row" use_row_as_full_screen_section="no" type="full_width" angled_section="no" text_align="left" background_image_as_pattern="without_pattern" css_animation=""][vc_column][vc_column_text] Greg recently detected a system on his network that occasionally begins sending streams of TCP SYN packets to port 80 at a single IP address for several hours and then stops. It later resumes, but directs the packets at a different address. What type of attack is taking place? A. Port scanning B. IP scanning C. SQL injection D. DDos Correct Answer: D. This is a clear example of a distributed denial of service (DDoS) attack. The system is flooding the target with connection requests, hoping to overwhelm it. The port and IP address are not changing, so this is not indicative of a scanning attack. There is no indication that the connection is completed, so it cannot be a SQL injection attack.[/vc_column_text][/vc_column][/vc_row]...

21 Oct

Posted at 23:02h in Practice Test Questions by

[vc_row row_type="row" use_row_as_full_screen_section="no" type="full_width" angled_section="no" text_align="left" background_image_as_pattern="without_pattern" css_animation=""][vc_column][vc_column_text]Preparing for your next security certification exam? After trying your hand at this practice test question, join the FREE CertMike Study Group for the CISSP, Security+, CySA+, or SSCP certification to receive new questions each week. You’ll also receive free access to my customized study strategies.[/vc_column_text][vc_row_inner row_type="row" type="full_width" text_align="left" css_animation=""][vc_column_inner][/vc_column_inner][/vc_row_inner][/vc_column][/vc_row][vc_row row_type="row" use_row_as_full_screen_section="no" type="full_width" angled_section="no" text_align="left" background_image_as_pattern="without_pattern" css_animation=""][vc_column][vc_column_text] Morgan is a web developer responsible for implementing an authentication system. She knows that she should store hashed versions of passwords rather than the passwords themselves but chooses to use unsalted passwords. What type of attack does this make the application more susceptible to? A. Rainbow table B. Online brute force attack C. Offline brute force attack D. Collision Correct Answer: A. In a rainbow table attack, the attacker computes the hash values of common passwords and then searches the password file for those values. Adding a random salt to the password eliminates the performance benefit of this attack. Brute force attacks (online or offline) would not be more or less effective either way. The use of salting does not decrease the likelihood of a collision. [/vc_column_text][/vc_column][/vc_row]...

14 Oct

Posted at 22:24h in Practice Test Questions by

[vc_row row_type="row" use_row_as_full_screen_section="no" type="full_width" angled_section="no" text_align="left" background_image_as_pattern="without_pattern" css_animation=""][vc_column][vc_column_text]Preparing for your next security certification exam? After trying your hand at this practice test question, join the FREE CertMike Study Group for the CISSP, Security+, CySA+, or SSCP certification to receive new questions each week. You’ll also receive free access to my customized study strategies.[/vc_column_text][vc_row_inner row_type="row" type="full_width" text_align="left" css_animation=""][vc_column_inner][/vc_column_inner][/vc_row_inner][/vc_column][/vc_row][vc_row row_type="row" use_row_as_full_screen_section="no" type="full_width" angled_section="no" text_align="left" background_image_as_pattern="without_pattern" css_animation=""][vc_column][vc_column_text] Tonya is developing a web application and is embedding a session ID in the application that is exchanged with each network communication. What type of attack is Tonya most likely trying to prevent? A. Replay B. Man-in-the-middle C. Buffer overflow D. SQL injection Correct Answer: A. Session tokens, or session IDs, are used to prevent an eavesdropper from stealing authentication credentials and reusing them in a different session, in what is known as a replay attack. The use of session IDs would not prevent an attacker from carrying out an application layer attack, such as a buffer overflow or injection. It also would not be effective against a man-in-the-middle attack, as the attacker could simply establish a secure session with the server and would, therefore, have access to the session ID. [/vc_column_text][/vc_column][/vc_row]...

In Archive