Garantie de satisfaction à 100% Disponible immédiatement après paiement En ligne et en PDF Tu n'es attaché à rien
logo-home
SECURITY+ SY0-601 STUDY SET from Mike Myer's Book €13,14   Ajouter au panier

Examen

SECURITY+ SY0-601 STUDY SET from Mike Myer's Book

 5 vues  0 fois vendu
  • Cours
  • Établissement

__________________ is defined as using and manipulating human behavior to obtain a required result. It typically involves NON-TECHNICAL methods of attempting to gain unauthorized access to a system or network. Correct answer- Social engineering Through social engineering, an attacker might easi...

[Montrer plus]

Aperçu 4 sur 38  pages

  • 1 avril 2022
  • 38
  • 2021/2022
  • Examen
  • Questions et réponses
avatar-seller
SECURITY+ SY0-601 STUDY SET from
Mike Myer's Book

__________________ is defined as using and manipulating human behavior to obtain a
required result.

It typically involves NON-TECHNICAL methods of attempting to gain unauthorized
access to a system or network. Correct answer- Social engineering

Through social engineering, an attacker might easily lead a user to reveal her account
password or to provide personal information that might reveal her password, a
technique known as ____________________. Correct answer- eliciting information

________________________ is when a social engineer calls a helpdesk operator, who
claims to be a high-level user, and demands that the operator reset the user's password
immediately so that the user can complete an important task. Correct answer-
Impersonation

_______________ is a technique in which a social engineer creates a story, or pretext,
that employs one or more of these principles to motivate victims to act contrary to their
better instincts or training. Correct answer- Pretexting

A __________________ scam is a social engineering technique that targets a large
group of recipients with a generic message that attempts to trick them into either visiting
a website and entering confidential personal information, responding to a text or SMS
message (known as ___________), or replying to an e-mail with private information,
often a username and password, or banking or credit card details. Correct answer-
phishing / smishing

_____________________ is a targeted type of phishing attack that includes information
familiar to the user and appears to be from a trusted source such as a company such as
a financial service that the user has used previously, a social media site such as
LinkedIn, or even a specific trusted user. Correct answer- Spear phishing

_________________ are important tools to protect against phishing attacks. Users
must be aware that financial institutions will never ask for bank account numbers and
credit card details in an e-mail to a user. Correct answer- User education and
awareness training

______________ is a type of phishing attack that is targeted at a specific high-level
user, such as an executive. Correct answer- Whaling

,________________ is when an unauthorized person casually glances over the shoulder
of an employee as she returns to her desk and enters her username and password into
the computer. Correct answer- Shoulder surfing

_____________________ is one of the simpler forms of social engineering and
describes gaining physical access to an access-controlled facility or room by closely
following an authorized person through the security checkpoint. Correct answer-
Tailgating

_____________ is a social engineering technique that misdirects a user to an attacker's
website without the user's knowledge, usually by manipulating the Domain Name
Service (DNS) on an affected server or the hosts file on a user's system.

While much like phishing, where a user may click a link in a seemingly legitimate e mail
message that takes him to an attacker's website, pharming differs in that it installs code
on the user's computer that sends them to the malicious site, even if the URL is entered
correctly or chosen from a web browser bookmark. Correct answer- Pharming

__________ is instant messaging spam, and much like the more common e-mail spam,
it occurs when a user receives an unsolicited instant message from another user,
including users who are known and in the user's contact list. Correct answer- SPIM
(spam over instant messaging)

_______________ is a type of phishing attack that takes place over phone systems,
most commonly over VoIP (Voice over IP) lines. Correct answer- Vishing

A _________ is typically some kind of urban legend or sensational false news that
users pass on to others via e-mail because they feel it is of interest.

While mostly harmless, some are phishing attempts that try to get the user to visit a link
in the e-mail message that redirects to a malicious website. The only cure is user
education as to avoid spreading these types of messages to other users. Correct
answer- hoax

As part of corporate espionage, some companies hire private investigators to examine
garbage dumpsters of a target company, and these investigators try to discover any
proprietary and confidential information. This is called __________________. Correct
answer- Dumpster diving

You have been contacted by your company's CEO after she received a personalized
but suspicious e-mail message from the company's bank asking for detailed personal
and financial information. After reviewing the message, you determine that it did not
originate from the legitimate bank.

Which of the following security issues does this scenario describe?

,A. Dumpster diving
B. Phishing
C. Whaling
D. Vishing Correct answer- C

During your user awareness training, which of the following actions would you advise
users to take as the best security practice to help prevent malware installation from
phishing messages?

A. Forward suspicious messages to other users
B. Do not click links in suspicious messages
C. Check e-mail headers
D. Reply to a message to check its legitimacy Correct answer- B

Negative company financial information was carelessly thrown in the trash bin without
being shredded, and a malicious insider retrieved it and posted it on the Internet, driving
the stock price down.

The CEO wants to know what happened—what was the attack?

A. Smishing
B. Dumpster diving
C. Prepending
D. Identity fraud Correct answer- B

Max, a security administrator, just received a phone call to change the password for a
user in the HR department. The user did not provide verification of their identity and
insisted that they needed the password changed immediately to complete a critical task.

What principle of effective social engineering is being used?

A. Trust
B. Consensus
C. Intimidation
D. Urgency Correct answer- D

A _______ is a malicious computer program that requires user intervention (such as
clicking it or copying it to media or a host) within the affected system, even if the virus
program does not harm the system.

They self-replicate without the knowledge of the computer user. Correct answer- virus

_____________ infect the boot sector or partition table of a disk which is used by the
computer to determine which operating systems (OSs) are present on the system to
boot. Correct answer- Boot sector viruses

, A _______________ disguises itself as a legitimate program, using the name of a
legitimate program but with a different extension. For example, a virus might be named
program.com to emulate a file called program.exe. Correct answer- companion virus

A ___________ uses the internal workings of Microsoft Word and Excel to perform
malicious operations when a file containing the virus is opened, such as deleting files or
opening other virus-executable programs. Correct answer- macro virus

A _________ hides from antivirus software by encrypting its code. They attempt to
cover their trail as they infect their way through a computer. Correct answer- stealth
virus

______________ are designed to make detection and reverse engineering difficult and
time consuming, either through obfuscation or through substantial amounts of confusing
code to hide the actual virus code itself.

*While armored viruses are often quite good at what they are designed to do, they are
significantly larger than necessary, which makes their presence easier to detect. Correct
answer- Armored viruses

_______________ changes with each infection. These types of viruses were created to
confuse virus-scanning programs. Correct answer- Polymorphic malware

__________________ log a user's keystrokes for various purposes, either via hardware
or software means. Correct answer- Keyloggers

A ____________ hides on your computer system until called upon to perform a certain
task.

They are usually downloaded through e-mail attachments, websites, and instant
messages. They are usually disguised as popular programs such as games, pictures, or
music. Correct answer- Trojan horse program

A _________________ installs a backdoor that bypasses all authentication controls and
allows the attacker continuous access to the client computer. Correct answer- remote
access Trojan (RAT)

A ____________ does not activate until a specific event, such as reaching a specific
date or starting a program a specific number of times, is triggered. Correct answer- logic
bomb program

A ___________ is a self-contained program (or set of programs) that can self-replicate
and spread full copies or smaller segments of itself to other computer systems via
network connections, e-mail attachments, and instant messages.

Les avantages d'acheter des résumés chez Stuvia:

Qualité garantie par les avis des clients

Qualité garantie par les avis des clients

Les clients de Stuvia ont évalués plus de 700 000 résumés. C'est comme ça que vous savez que vous achetez les meilleurs documents.

L’achat facile et rapide

L’achat facile et rapide

Vous pouvez payer rapidement avec iDeal, carte de crédit ou Stuvia-crédit pour les résumés. Il n'y a pas d'adhésion nécessaire.

Focus sur l’essentiel

Focus sur l’essentiel

Vos camarades écrivent eux-mêmes les notes d’étude, c’est pourquoi les documents sont toujours fiables et à jour. Cela garantit que vous arrivez rapidement au coeur du matériel.

Foire aux questions

Qu'est-ce que j'obtiens en achetant ce document ?

Vous obtenez un PDF, disponible immédiatement après votre achat. Le document acheté est accessible à tout moment, n'importe où et indéfiniment via votre profil.

Garantie de remboursement : comment ça marche ?

Notre garantie de satisfaction garantit que vous trouverez toujours un document d'étude qui vous convient. Vous remplissez un formulaire et notre équipe du service client s'occupe du reste.

Auprès de qui est-ce que j'achète ce résumé ?

Stuvia est une place de marché. Alors, vous n'achetez donc pas ce document chez nous, mais auprès du vendeur EvaTee. Stuvia facilite les paiements au vendeur.

Est-ce que j'aurai un abonnement?

Non, vous n'achetez ce résumé que pour €13,14. Vous n'êtes lié à rien après votre achat.

Peut-on faire confiance à Stuvia ?

4.6 étoiles sur Google & Trustpilot (+1000 avis)

78140 résumés ont été vendus ces 30 derniers jours

Fondée en 2010, la référence pour acheter des résumés depuis déjà 14 ans

Commencez à vendre!
€13,14
  • (0)
  Ajouter