Practice Test Questions

Preparing for your next security certification exam?  After trying your hand at this practice test question, join the FREE CertMike Study Group for the CISSP, Security+, CySA+, or SSCP certification to receive new questions each week.  You'll also receive free access to my customized study strategies.   Corwin is beginning a penetration test and is reviewing the technical documentation provided by management that explains how the systems are designed and laid out. What type of test is Corwin most likely performing?   A. Grey Box B. Black Box C. Red Box D. White Box   Correct Answer: D   In a black box attack, the attacker does not have access to any information about the target environment before beginning the attack. In a grey box attack, the attacker has limited information. In a white box attack, the attacker has full knowledge of the target environment before beginning the attack.   Would you like to receive free practice test questions on a weekly basis? Sign up for the free CertMike study groups for the CISSP, Security+, SSCP, or CySA+ exam....

Preparing for your next security certification exam?  After trying your hand at this practice test question, join the FREE CertMike Study Group for the CISSP, Security+, CySA+, or SSCP certification to receive new questions each week.  You'll also receive free access to my customized study strategies.   Kelly detected an attack on her network where the attacker used aircrack-ng to create a wireless network bearing her company's SSID. The attacker then boosted the power of that access point so that it was the strongest signal in an executive office area, prompting executive devices to connect to it. What type of attack took place?   A. Evil twin B. Jamming C. Bluesnarfing D. WPS   Correct Answer: A   In this attack, the perpetrator created a false wireless network, otherwise known as an evil twin. Although the attacker boosted the power of the signal to make the evil twin signal stronger than other signals, there is no indication of attempts to jam signals from legitimate access points. There is no indication in the scenario that Bluetooth or WPS technology was involved.   Would you like to receive free practice test questions on a weekly basis? Sign up for the free CertMike study groups for the CISSP, Security+, SSCP, or CySA+ exam....

Preparing for your next security certification exam?  After trying your hand at this practice test question, join the FREE CertMike Study Group for the CISSP, Security+, CySA+, or SSCP certification to receive new questions each week.  You'll also receive free access to my customized study strategies.   Which one of the following device types is most susceptible to a pass-the-hash attack?   A. Windows server B. Network firewall C. VPN concentrator D. Hardware security module   Correct Answer: A   Pass-the-hash attacks exploit a vulnerability in the NTLM authentication protocol, used by Windows systems. The attack is not possible against non-Windows systems.   Would you like to receive free practice test questions on a weekly basis? Sign up for the free CertMike study groups for the CISSP, Security+, SSCP, or CySA+ exam....