EXAM STUDY MATERIALS 8/7/2024 11:29 AM
Sec+ Final Exam Questions With Correct
Answers
Analyze the following scenarios and determine which attacker used piggy backing.
A.) On the way to a meeting in a restricted area of a government facility, a contractor holds open
a gate for a person in a military uniform, who approaches the entry point at a jog, flashing a
badge just outside of the readable range.
B.) A government employee is late for a meeting in a restricted area of a military installation.
Preoccupied with making the meeting on time, the employee does not notice when the gate has
not closed and someone enters the restricted area.
C.) An employee leaves the workstation to use the restroom. A coworker notices that the
employee has forgotten to lock the workstation, and takes advantage of the user's permissions.
D.) Several prospective interns are touring the operations floor of a large tech firm. One of them
seems to be paying especially close attention to the employees. - answer✔✔A.) On the way to a
meeting in a restricted area of a government facility, a contractor holds open a gate for a person
in a military uniform, who approaches the entry point at a jog, flashing a badge just outside of
the readable range.
What type of phishing attack targets upper-level managment?
A.) Pharming
B.) Credential harvesting
C.) Whaling
D.) Typosquatting - answer✔✔C.) Whaling
An end-user has enabled cookies for several e-commerce websites and has started receiving
targeted ads. The ads do not trouble the user until, when trying to access an e-commerce site, the
user gets several pop-up ads that automatically redirect the user to suspicious sites the user did
not intend to visit. What is the most likely explanation for this phenomenon?
A.) tracking cookies have infected the user's computer.
B.) Ransomeware has infected the user's computer.
C.) Spyware has infected the user's computer.
, EXAM STUDY MATERIALS 8/7/2024 11:29 AM
D.) Crypto-malware has infected the user's computer. - answer✔✔C.) Spyware has infected the
user's computer
A hacker gains access to a database of usernames for a target company and then begins
combining common, weak passwords with each username to attempt authentication. The hacker
conducts what type of attack?
A.) Password spraying
B.) Brute force attack
C.) Dictionary attack
D.) Rainbow table attack - answer✔✔A.) Password spraying
When monitoring API usage on a system, an engineer notices a very high error rate. The
application's latency and thresholds appear to be normal. What does the engineer determine to be
the cause?
A.) Overloaded system
B.) Security issues
C.) Number of requests
D.) Service responses - answer✔✔Overloaded system,
Security issues
A user at a realtor's office contacts their IT department to report that they are not able to copy
contract files to a USB flash drive to take home. Which explanation does the IT representative
share with the user?
A.) Data loss prevention prevents file copying.
B.) Mobile device management restricts the use of a portable USB device.
C.) A compromised private key has created a trust issue.
D.) The file copy process has been allow-listed. - answer✔✔A.) Data loss prevention prevents
file copying
An employee that carries a company credit card learns that the card has become compromised.
The employee only remembers fueling a company vehicle. Consider the following viable
methods and determine which method compromised the card.
Card cloning
Data blocker
Proximity reader
, EXAM STUDY MATERIALS 8/7/2024 11:29 AM
Card skimming - answer✔✔card skimming
Identify the type of attack where malware forces a legitimate process to load a malicious link
library.
A.) DLL injection
B.) Pass the Hash (PtH)
C.) Null pointer dereferencing
D.) Overflow attack - answer✔✔A.) DLL injection
What type of attack replays a cookie?
A.) Cross-site request forgery (CSRF or XSRF)
B.) Clickjacking
C.) Secure Sockets Layer (SSL) strip attack
D.) Session hijacking - answer✔✔D.) Session hijacking
After several users call to report dropped network connections on a local wireless network, a
security analyst scans network logs and discovers that multiple unauthorized devices were
connecting to the network and overwhelming it via a smartphone tethered to the network, which
provided a backdoor for unauthorized access. How would this device be classified?
A.) A switched port analyzer (SPAN)/mirror port
B.) A spectrum analyzer
C.) A rogue access point (AP)
D.) A thin wireless access point (WAP) - answer✔✔C.) A rouge access point (AP)
A hacker places a false name:IP address mapping in an operating system's HOSTS file,
redirecting traffic from a legitimate IP address to a malicious IP address. What type of attack did
the hacker perform?
A.) Domain hijacking
B.) Domain name system client cache (DNS) poisoning
C.) Rogue dynamic host configuration protocol (DHCP)
D.) Address Resolution Protocol (ARP) poisoning - answer✔✔B.) Domain name system client
cache (DNS) poisoning
IT staff reviews security alerts received for a monitoring system and discovers that uncommon
firewall ports on several Windows workstations and a server have been opened and are being
accessed by a malicious process. What does the staff determine the issue to be?
Sec+ Final Exam Questions With Correct
Answers
Analyze the following scenarios and determine which attacker used piggy backing.
A.) On the way to a meeting in a restricted area of a government facility, a contractor holds open
a gate for a person in a military uniform, who approaches the entry point at a jog, flashing a
badge just outside of the readable range.
B.) A government employee is late for a meeting in a restricted area of a military installation.
Preoccupied with making the meeting on time, the employee does not notice when the gate has
not closed and someone enters the restricted area.
C.) An employee leaves the workstation to use the restroom. A coworker notices that the
employee has forgotten to lock the workstation, and takes advantage of the user's permissions.
D.) Several prospective interns are touring the operations floor of a large tech firm. One of them
seems to be paying especially close attention to the employees. - answer✔✔A.) On the way to a
meeting in a restricted area of a government facility, a contractor holds open a gate for a person
in a military uniform, who approaches the entry point at a jog, flashing a badge just outside of
the readable range.
What type of phishing attack targets upper-level managment?
A.) Pharming
B.) Credential harvesting
C.) Whaling
D.) Typosquatting - answer✔✔C.) Whaling
An end-user has enabled cookies for several e-commerce websites and has started receiving
targeted ads. The ads do not trouble the user until, when trying to access an e-commerce site, the
user gets several pop-up ads that automatically redirect the user to suspicious sites the user did
not intend to visit. What is the most likely explanation for this phenomenon?
A.) tracking cookies have infected the user's computer.
B.) Ransomeware has infected the user's computer.
C.) Spyware has infected the user's computer.
, EXAM STUDY MATERIALS 8/7/2024 11:29 AM
D.) Crypto-malware has infected the user's computer. - answer✔✔C.) Spyware has infected the
user's computer
A hacker gains access to a database of usernames for a target company and then begins
combining common, weak passwords with each username to attempt authentication. The hacker
conducts what type of attack?
A.) Password spraying
B.) Brute force attack
C.) Dictionary attack
D.) Rainbow table attack - answer✔✔A.) Password spraying
When monitoring API usage on a system, an engineer notices a very high error rate. The
application's latency and thresholds appear to be normal. What does the engineer determine to be
the cause?
A.) Overloaded system
B.) Security issues
C.) Number of requests
D.) Service responses - answer✔✔Overloaded system,
Security issues
A user at a realtor's office contacts their IT department to report that they are not able to copy
contract files to a USB flash drive to take home. Which explanation does the IT representative
share with the user?
A.) Data loss prevention prevents file copying.
B.) Mobile device management restricts the use of a portable USB device.
C.) A compromised private key has created a trust issue.
D.) The file copy process has been allow-listed. - answer✔✔A.) Data loss prevention prevents
file copying
An employee that carries a company credit card learns that the card has become compromised.
The employee only remembers fueling a company vehicle. Consider the following viable
methods and determine which method compromised the card.
Card cloning
Data blocker
Proximity reader
, EXAM STUDY MATERIALS 8/7/2024 11:29 AM
Card skimming - answer✔✔card skimming
Identify the type of attack where malware forces a legitimate process to load a malicious link
library.
A.) DLL injection
B.) Pass the Hash (PtH)
C.) Null pointer dereferencing
D.) Overflow attack - answer✔✔A.) DLL injection
What type of attack replays a cookie?
A.) Cross-site request forgery (CSRF or XSRF)
B.) Clickjacking
C.) Secure Sockets Layer (SSL) strip attack
D.) Session hijacking - answer✔✔D.) Session hijacking
After several users call to report dropped network connections on a local wireless network, a
security analyst scans network logs and discovers that multiple unauthorized devices were
connecting to the network and overwhelming it via a smartphone tethered to the network, which
provided a backdoor for unauthorized access. How would this device be classified?
A.) A switched port analyzer (SPAN)/mirror port
B.) A spectrum analyzer
C.) A rogue access point (AP)
D.) A thin wireless access point (WAP) - answer✔✔C.) A rouge access point (AP)
A hacker places a false name:IP address mapping in an operating system's HOSTS file,
redirecting traffic from a legitimate IP address to a malicious IP address. What type of attack did
the hacker perform?
A.) Domain hijacking
B.) Domain name system client cache (DNS) poisoning
C.) Rogue dynamic host configuration protocol (DHCP)
D.) Address Resolution Protocol (ARP) poisoning - answer✔✔B.) Domain name system client
cache (DNS) poisoning
IT staff reviews security alerts received for a monitoring system and discovers that uncommon
firewall ports on several Windows workstations and a server have been opened and are being
accessed by a malicious process. What does the staff determine the issue to be?
