Spreads workload among various servers to ensure no single server gets overloaded
What is a Load balancer aka content switch aka content filter?
What happens during an XSS attack
What is: an attacker inserts script code into a form on a web page that gets submitted to the server, used to attack the database servers that are used to support web pages
Primary protocol to SECURELY transfer data over the internet using TLS
3 different kinds of password attacks
What is Dictionary attack, Brute Force attack, Hybrid attack, Birthday attack, Password Spraying
A software developer needs to perform code-execution testing, black-box testing, and non-functional testing on a new product before its general release. Which of the following BEST describes the tasks the developer is conducting?
A. Verification
B. Validation
C. Normalization
D. Staging
What is B. Validation
*appliance that requests resources on behalf of client machines
*hides and protects requesting client
*caches commonly requested Web pages.
The Similarities and Differences between SQL, LDAP, and XML injection attacks
What is: SQL, LDAP, and XML injection attacks all insert code commands into an application (input field), attempting to have the application pass the command into the database.
What is: SQL, LDAP, and XML are all different languages used to manipulate databases; SQL is the most common language used to manipulate databases.
Used by clients to access email on email servers and allows client to administer and organize email on the server into folders.
Port 143
What is IMAP (Internet Message Access Protocol)
Attacker uses DNS poisoning to redirect traffic from a legitimate site to a different or malicious site
What is a Pharming attack
A cybersecurity analyst reviews the log files from a web server and sees a series of files that indicates a directory-traversal attack has occurred. Which of the following is the analyst MOST likely seeing?
Option A: http://sample.url.com/
Option B: http://sample.url.com/someotherpage onsite/../../../etc/shadow
Option C: http://sample.url.com/select-from-database-where-password-null
Option D: http://redirect.sample.url.sampleurl.com/malicios-dns-redirect
What is Option B http://sample.url.com/someotherpage onsite/../../../etc/shadow
The difference between NIPS and NIDS and what they stand for
What is: a Network Intrusion Detection System (NIDS) evaluates traffic against a set of standards and identifies network breaches/attacks, while a Network Intrusion Prevention System (NIPS) evaluates traffic against the same set of standards but attempts to STOP a network breach/attack.
ARP cache poisoning does this
The ARP cache, which maps IP addresses to MAC addresses, is corrupted by an attacker, with the end result being that the attacker has control of which IP addresses are associated with which MAC address
Used to monitor and manage local area networks
Port 161
Many of the modern network standards and devices employ techniques to mitigate the threat of this type of wireless attack (802.11n and 802.11ac)
What is a Jamming Attack
A pharmaceutical sales representative logs on to a laptop and connects to the public WiFi to check emails and update reports. Which of the following would be BEST to prevent other devices on the network from directly accessing the laptop? (Choose two.)
A. Trusted Platform Module
B. A host-based firewall
C. A DLP solution
D. Full disk encryption
E. A VPN
F. Antivirus software
What is B (A host-based firewall) and E (A VPN)
System designed to protect networks from malicious content on the internet; also used as a data loss prevention (DLP) measure
What is a Web Security Gateway
The attacker is not necessarily inside the network per se, but is in between two end points that are communicating on a network
What is Man-in-the-Middle (MitM) attack
Same as FTP but requires both user authentication and encryption by default.
(Do not answer with acronym)
What is SFTP (Secure File Transfer Protocol)
Difference between a Virus, Worm, and Botnet
What is:
Botnet
*Collection of infected systems (Zombie nodes) under the control of the attacker. Zombies are used to perform other attacks. Zombie controllers will often rent out the use of a botnet for other attackers to use.
Virus
*Malware that has 2 jobs - to replicate and to activate. Requires a host program, host machine, and a user action to spread. Viruses ONLY affect drives (hard drives, USB drives, etc.)
Worm
*Similar to a virus, but it replicates itself across a network without user action. Doesn’t need a host file in order to operate
When selecting a technical solution for identity management, an architect chooses to go from an in-house to a third-party SaaS provider. Which of the following risk management strategies is this an example of?
A. Acceptance
B. Mitigation
C. Avoidance
D. Transference
What is D (Transference)
OSI Layer or layers that a Firewall can be placed on
What is Layers 2, 3, 4, and 7
Common way to identify and remove Rogue access points and Evil Twin attacks
What is Site Surveys/create heat maps
*Used in Microsoft networks by Remote Desktop Connections and Remote assistance
What is RDP (Remote Desktop Protocol)
An attack that uses a packet sniffer to capture network session data. The attacker then re-submits the captured packets in an effort to gain access to the network
What is a Replay attack
Which of the following are the MOST likely vectors for the unauthorized inclusion of vulnerable code in a software company's final software releases? (Select TWO.)
A. Unsecure protocols
B. Use of penetration-testing utilities
C. Weak passwords
D. Included third-party libraries
E. Vendors/supply chain
F. Outdated anti-malware software
What is D and E