CompTIA Security+ SYO-601 Post-Assessment Quiz Review - [Network Security] With Correct Answers

Typically, certain employees of an organization get texts that update them on various IT activities. If there is a support ticket or downtime, they will receive texts to let them know about the activity. They have started to receive some messages via text instructing them to call the IT help desk at the provided number. When they call the help desk number, a recording asks them for their employee ID. Assuming that the IT department did not send those texts, which of the following social engineering attacks is this? a. Smishing b. Whaling c. Spimming d. Vishing - Correct Answer Smishing Which of the following social engineering attacks continues to be a primary weapon used by threat actors? a. Vishing b. Spear phishing c. Phishing d. Google dorking - Correct Answer Phishing David, a software engineer, recently bought a brand new laptop because his enterprise follows the BYOD (bring your own device) model. David was part of a software development project where the software code was leaked before its release. Further investigation proved that a vulnerability in David's laptop caused the exposure. David insists he never used the laptop to access any network or integrate any devices, and the laptop was kept in a vault while not in use. Which of the following attack vectors was used by the threat actor? a. Direct access b. Wireless c. Supply chain d. Removable media - Correct Answer Supply chain Which category of cybersecurity vulnerability is exploited by attackers before anyone else knows about it? a. Patches b. Platforms c. Zero day d. Third parties - Correct Answer Zero day