Test Bank for CompTIA CySA+ Guide to Cybersecurity Analyst (CS0-002), 2nd Edition by Mark Ciampa
4 views 0 purchase
Course
Computer Science
Institution
Computer Science
Test Bank for CompTIA CySA+ Guide to Cybersecurity Analyst (CS0-002), 2nd Edition 2e by Mark Ciampa.
ISBN-13: 8091
Full Modules test bank included - Book Contents given below
Part 1: External Threats and Internal Vulnerabilities
Module 1: Enterprise Threats and Vulnerabilities
Types of A...
1. Nik, a cybersecurity analyst, has been asked to examine an employee's iPhone that is exhibiting strange
behavior. After looking through the phone, he finds that the user apparently has been able to upload third-party
apps that are not in the App Store. Which of the following has most likely occurred with this phone?
a. Rooting
b. Jailbreaking
c. Clapping
d. Raking
ANSWER: b
FEEDBACK: a. Incorrect. Rooting is a term associated with modifying the operating system or
firmware of an Android device, not an iPhone.
b. Correct. Jailbreaking is the term for modifying an iPhone so it can load third-
party apps that are not in the App Store.
c. Incorrect. Clapping is a made-up term for the purposes of this scenario.
d. Incorrect. Raking is a made-up term for the purposes of this scenario.
POINTS: 1
QUESTION TYPE: Multiple Choice
HAS VARIABLES: False
LEARNING OBJECTIVES: CIAM.CYSA.22.1.1 - Identify different types of common attacks
ACCREDITING STANDARDS: CIAM.CYSA.22.1.5 - Explain the threats and vulnerabilities associated with specialized
technology.
TOPICS: Threats and Vulnerabilities of Specialized Technology
KEYWORDS: Bloom's: Apply
DATE CREATED: 7/9/2021 3:31 PM
DATE MODIFIED: 7/19/2021 10:33 AM
2. Gabe, a penetration tester, has gained physical access to a company's facilities and planted devices behind
several printers that will send him copies of all documents sent to those printers. Which of the following has
Gabe executed?
a. MITM attack
b. Replay attack
c. XSS
d. XSRF
ANSWER: a
FEEDBACK: a. Correct. A man-in-the-middle attack actively intercepts or eavesdrops on
communications. By planting a device behind printers, Gabe can capture the
data going to the printer and send it outside of the network for later analysis.
b. Incorrect. A replay attack resends captured data to a system in order to
perform some other action. In this scenario, Gabe is only capturing the data
and sending it outside of the network for analysis.
c. Incorrect. Cross-site scripting does not involve planting devices in an
organization.
d. Incorrect. Cross-site request forgery does not involve planting devices in an
Copyright Cengage Learning. Powered by Cognero. Page 1
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller Tutor247. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $29.49. You're not tied to anything after your purchase.
