Exam (elaborations)
DOMAIN 6 QUESTIONS AND ANSWERS WITH SOLUTIONS 2024
- Course
- Institution
DOMAIN 6 QUESTIONS AND ANSWERS WITH SOLUTIONS 2024
[Show more]
Seller
Follow
Content preview
DOMAIN 6 QUESTIONS AND ANSWERSWITH SOLUTIONS 2024
Which kind of online attack involves pretending to be a legitimate company to get sensitive information?
Correct Answer:
Spyware
Correct Answer:
Virus
Correct Answer:
Phishing
Correct Answer:
Impersonating - ANSWER Phishing
A user within your organization received an email relating how an account containing a large sum of
money has been frozen by the government of a small African nation. The user was offered a 25% share
of this account if she would help the sender transfer it to a bank in the United States. The user
responded to the sender and was instructed to send her bank account number so that it could be used
to facilitate the transfer. She complied, and then the sender used the information to drain her bank
account.
What type of attack occurred?
Correct Answer:
Man-in-the-Middle
Correct Answer:
Piggybacking
Correct Answer:
Phishing
Correct Answer:
Eavesdropping - ANSWER Phishing
Joe, a user, receives an email from a popular video streaming website urging him to renew his
membership. The email appears official, but Joe has never had a membership before. When Joe looks
closer, he discovers that a hyperlink in the email points to a suspicious URL.
,Which of the following security threats does this describe?
Correct Answer:
Phishing
Correct Answer:
Zero-day attack
Correct Answer:
Man-in-the-middle
Correct Answer:
Trojan horse - ANSWER Phishing
What is the best countermeasure against social engineering?
Correct Answer:
User awareness training
Correct Answer:
Access auditing
Correct Answer:
Acceptable use policy
Correct Answer:
Strong passwords - ANSWER User awareness training
You are a security consultant and an organization has hired you to review their security measures. They
are chiefly concerned that they could become the victim of a social engineering attack.
Which of the following would you MOST likely recommend they do to mitigate the risk?
Correct Answer:
Teach users how to recognize and respond to social engineering attacks.
Correct Answer:
Establish a written security policy.
Correct Answer:
Implement a border firewall to filter inbound network traffic.
,Correct Answer:
Train managers to monitor user activity. - ANSWER Teach users how to recognize and respond to social
engineering attacks.
Which of the following is a common form of social engineering attack?
Correct Answer:
Distributing false information about your organization's financial status.
Correct Answer:
Stealing the key card of an employee and using that to enter a secured building.
Correct Answer:
Hoax virus information emails.
Correct Answer:
Using a sniffer to capture network traffic. - ANSWER Hoax virus information emails.
Which of the following is a form of attack that tricks victims into providing confidential information, such
as identity information or logon credentials, through emails or Websites that impersonate an online
entity that the victim trusts, such as a financial institution or well-known e-commerce site?
Correct Answer:
Social engineering
Correct Answer:
Phishing
Correct Answer:
Fraggle attack
Correct Answer:
Session hijacking - ANSWER Phishing
Dana is an IT administrator who is working on a company-wide initiative to address confidentiality
concerns about secure information being revealed to unauthorized individuals.
Which of the following would be topics on the team agenda? (Select two.)
Correct Answer:
, On-path attack
Correct Answer:
Snooping
Correct Answer:
Data destruction
Correct Answer:
Social engineering
Correct Answer:
Replay attack - ANSWER Snooping
Social engineering
Which of the following are examples of social engineering? (Select two.)
Correct Answer:
Port scanning
Correct Answer:
Dumpster diving
Correct Answer:
Shoulder surfing
Correct Answer:
Brute force password cracking
Correct Answer:
War dialing - ANSWER Dumpster diving
Correct Answer:
Shoulder surfing
Maintaining confidentiality in the workplace is important for building and maintaining trust and for
ensuring an open and honest communication between customers, clients, and employees. Which of the
following threatens data confidentiality?
Correct Answer:
Man-in-the-Middle attacks
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller TESTTACKLERS. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $10.49. You're not tied to anything after your purchase.
Can Stuvia be trusted?
4.6 stars on Google & Trustpilot (+1000 reviews)
73773 documents were sold in the last 30 days
Founded in 2010, the go-to place to buy study notes for 14 years now