This type of malware replicates itself and spreads to other computers without requiring a host program.
What is a worm?
Regularly updating these on endpoints is crucial for patching known vulnerabilities.
What are operating systems and applications?
nmap
What is a powerful network scanner for host discovery and service enumeration? While it can be used for reconnaissance, its basic functions help with initial discovery.
CVE
What is Common Vulnerabilities and Exposures?
Which of the following threat actors is the most likely to be hired by a foreign government to attack critical systems located in other countries?
What is answer C.
This sophisticated and often targeted type of malware can remain undetected for long periods, allowing for persistent access and data exfiltration.
What is an Advanced Persistent Threat (APT)?
This security practice restricts the privileges granted to user accounts on an endpoint to only what is necessary for their job functions.
What is the principle of least privilege?
tcpdump
What is a powerful command-line packet analyzer?
CVSS
What is Common Vulnerability Scoring System?
A user is attempting to navigate to a website from inside the company network using a desktop. When the user types in the URL, https://www.site.com, the user is presented with a certificate mismatch warning from the browser. The user does not receive a warning when visiting http://www.anothersite.com. Which of the following describes this attack?
What is answer C.
Charlie is looking for easy money
What is you giving him your credit card.
This legal and ethical requirement mandates the protection of personally identifiable information.
What is data privacy?
DIG
What is Domain Information Groper, used for querying DNS name servers. Useful for gathering information about a domain's DNS records (A, MX, NS, etc.).
Another term for DMZ.
What is a screened subnetwork?
Which of the following describes a social engineering technique that seeks to exploit a person's sense of urgency?
What is answer A.
Observing and learning about a target through publicly available information to craft more convincing social engineering attacks is known as this.
What is reconnaissance (in the context of social engineering) or open-source intelligence (OSINT)?
This type of firewall examines the entire conversation of a network connection, maintaining state information.
What is a stateful firewall?
GPG
What is a command-line tool for encrypting and signing data using the OpenPGP standard?
ICMP
What is Internet Control Message Protocol.
A security analyst is reviewing application logs to determine the source of a breach and locates the following log: https://www.comptia.com/login.php?id='%20or%20'1'1='1 What has been observed?
What is an SQLi attack?
Failing to properly manage and revoke access privileges for departing employees can create this type of security vulnerability.
What is an orphaned account or privilege creep?
Integrating threat intelligence feeds into an IPS allows it to proactively block known malicious IPs, domains, and other indicators of this.
What is compromise (IOC)?
gobuster dir -u http://example.com -w /path/to/wordlist.txt
What is a directory/file and DNS subdomain brute-forcing tool.
CASB
What is Cloud Access Security Broker?
Which of the following is an effective tool to stop or prevent the exfiltration of data from a network?
What is answer A.