What is the term for a potential opening in network security that a hacker can
exploit to attack a network?
a vulnerability
According to CompTIA's Security+ examination blueprint, what are the four
hardening techniques for mitigation and deterrence?
"Disable unnecessary services.
Protect management interfaces and applications.
Protect passwords.
Disable unnecessary accounts."
Which self-replicating computer program sends copies of itself to other devices
on the network?
a worm
What is vishing?
a special type of phishing that uses Voice over IP (VoIP)
Is instant messaging vulnerable to packet sniffing?
yes
What is whaling?
a special type of phishing that targets a single power user, such as a Chief Executive
Officer (CEO)
Are cameras and IDSs considered to be mitigation or prevention controls?
deterrence controls
Which attack is an extension of the denial-of-service (DoS) attack and uses
multiple computers?
a distributed DoS (DDoS) attack
What is a malicious insider?
an employee who uses his access to the network and facility to obtain confidential
information
What is an attempt by someone to get one or more users to believe that a specific
computer virus exists?
a hoax
What is Nessus?
a network vulnerability scanner
What is a flaw, loophole, or weakness in the system, software, or hardware?
a vulnerability
According to CompTIA's Security+ examination blueprint, what are the seven
listed reasons for effectiveness for social engineering attacks?
authority, intimidation, consensus/social proof, scarcity, urgency, familiarity/liking, and
trust
According to CompTIA's Security+ examination blueprint, what are the three
listed security posture techniques for mitigation and deterrence?