14 ) EX. 13 | COMPLETE | 暗記メーカー

14 ) EX. 13 | COMPLETE

92問 • 6ヶ月前

問題一覧

What is also known as path traversal, is a web application vulnerability that allows an attacker to access files and directories that are stored outside of the web server's intended or "web root" directory.

- Directory traversal

This is an attack technique used to manipulate or compromise an X.M.L. application or service's logic.

- XML injection

This is an exploit that attempts to write data to a buffer and exceed that buffer's boundary to overwrite an adjacent memory location.

- Buffer overflow

This is the placement of malicious code in SQL statements via web page input.

- SQL injection

Which of the following measures can help prevent a buffer overflow vulnerability?

- Input validation

This is used for controlling how data is stored and retrieved, but it doesn't prevent buffer overflows.

- File system

This is where a buffer overflow vulnerability may occur, but it doesn't help in preventing the vulnerability.

- Stack memory

This protects data confidentiality, but it does not prevent buffer overflows.

- Data encryption

Which of the following utilizes a well-written set of carefully developed and tested scripts to orchestrate runbooks and generate consistent server builds across an enterprise?

- Infrastructure as Code (IaC)

This is a computing method that uses the cloud to provide any or all infrastructure needs.

- Infrastructure as a Service (IaaS)

This uses software to define networking boundaries but does not necessarily handle server architecture in the same way that I.a.C. can.

- Software Defined Networking (SDN)

This is a computing method that uses the cloud to provide users with application services.

- Software as a Service (SaaS)

You want to provide controlled remote access to the remote administration interfaces of multiple servers hosted on a private cloud. What type of segmentation security solution is the best choice for this scenario?

- Jumpbox

This is a special-purpose computer on a network specifically designed and configured to withstand attacks. The computer generally hosts a single application. For example, a proxy server and all other services are removed or limited to reduce the threat to the computer.

- Bastion hosts

This separation would prevent a system from accessing the remote administration interface directly and require an airgap system to reach the private cloud.

- Physical

This system is a network or single host computer with unique security requirements that may physically be separated from any other network.

- Airgap

You are troubleshooting a network connectivity issue and need to determine the packet's flow path from your system to the remote server. Which of the following tools would best help you identify the path between the two systems?

- tracert

This tool is a command-line network utility that displays network connections for Transmission Control Protocol, routing tables, and some network interface and network protocol statistics on a single system.

- netstat

This command is a diagnostic tool for NetBIOS over T.C.P / I.P. used to troubleshoot NetBIOS name resolution problems.

- nbtstat

This tool displays all current T.C.P. / I.P. network configuration values on a given system.

- ipconfig

Which of the following vulnerability scanning tools would be used to conduct a web application vulnerability assessment?

- Nikto

Which stands for Open Vulnerability Assessment Scanner, is an open-source framework and component of Greenbone Vulnerability Management ( G.V.M. ). It's a powerful tool designed to help organizations identify and manage security vulnerabilities in their networks, systems, and applications.

- OpenVAS

Is a widely recognized and highly respected vulnerability scanner developed by Tenable Network Security. It's a proprietary (commercial) tool used by organizations of all sizes, from small businesses to large enterprises and government agencies, to identify and manage security vulnerabilities across their I.T. infrastructure.

- Nessus

This is a leading global provider of cloud-based security and compliance solutions. Founded in 1999, it was one of the pioneers in delivering security as a Software-as-a-Service (SaaS) model.

- Qualys

Which tool should a malware analyst utilize to track the registry's changes and the file system while running a suspicious executable on a Windows system?

- Process Monitor

This is an application that logs and displays all hard disk activity on a Windows system.

- DiskMon

This is a command-line utility whose primary purpose is monitoring an application for C.P.U. spikes and generating crash dumps during a spike that an administrator or developer can use to determine the cause of the spike.

- ProcDump

This shows you what programs are configured to run during system bootup or login.

- Autoruns

In 2013, retail giant Target Corporation experienced a massive data breach, exposing the credit and debit card information of 40 million customers. Following this security incident, a special team was tasked with investigating the fundamental cause of the breach, uncovering the sequence of events that led to it, and providing insights to prevent such occurrences in the future. What term best describes this deep-dive investigative process?

- Root cause analysis

This process involves reviewing an incident to identify what was done well and what needs improvement for future responses.

- Lessons learned

This in cybersecurity is the process of collecting, analyzing, and preserving digital evidence following a security incident or cybercrime.

- Forensic analysis

This outlines procedures and processes for handling security incidents. It is a preparation tool, not a post-incident activity to identify the underlying cause of an incident.

- Incident response plan

Which of the following vulnerabilities was a zero-day exploit, meaning it was exploited before a patch became available?

- Operation Aurora

This is a critical vulnerability that can be exploited by attackers to execute arbitrary code on a vulnerable system. While this was a significant vulnerability, it was not exploited before a patch was available.

- SMBGhost

This, also known as Key Reinstallation Attacks, is a serious security vulnerability in the Wi-Fi Protected Access (WPA2) protocol. WPA2 is the most commonly used security protocol for Wi-Fi networks. KRACK allows attackers to decrypt data that is being transmitted over a Wi-Fi network, including passwords, emails, and credit card numbers.

- Krack Attack

This is a ransomware computer worm that encrypts a victim's files and demands a ransom payment in Bitcoin in order to decrypt them. It was first discovered in March 2016, and has since been used in a number of high-profile attacks, including the 2017 Ukraine cyberattacks. Petya was a significant ransomware attack, but it was not a zero-day exploit.

- Petya

Which of the following vulnerabilities was a zero-day exploit, meaning it was exploited before a patch was available?

- Stuxnet

This vulnerability (CVE-2017-5754) is a critical security flaw discovered in many modern microprocessors, primarily Intel x86 processors, but also some I.B.M. Power and ARM-based microprocessors. The name "Meltdown" refers to its ability to "melt" the security boundaries normally enforced by hardware, which are designed to isolate user applications from the operating system's kernel memory and from each other.

- Meltdown

This is formally known as CVE-2014-0160) was a critical security flaw discovered in 2014 in certain outdated versions of the Open S.S.L. cryptographic software library. OpenSSL is widely used to implement the Secure Sockets Layer (S.S.L.) and Transport Layer Security (T.L.S. ) protocols, which are essential for securing internet communication (e.g., for websites, email, instant messaging, and V.P.Ns).

- Heartbleed

This is a critical security flaw discovered in Microsoft's Remote Desktop Protocol ( R.D.P. ) implementation, primarily affecting older versions of the Windows operating system. It allows for remote code execution without any user interaction or authentication.

- BlueKeep

Your organization is transitioning to a cloud environment and wants to ensure its new infrastructure is secure. What tool could you utilize to assess the security of your cloud infrastructure?

- Pacu

This is a free and open-source network scanner designed to discover hosts and services on a computer network, but it is not a specialized tool for cloud infrastructure assessments.

- Nmap

This is a very useful tool for vulnerability scanning, but it's not specifically designed for cloud infrastructure assessments. It can identify vulnerabilities within network devices, operating systems, databases, and web applications, but does not offer the specialized capabilities of a tool like Pacu for cloud environments

- Nessus

This is a tool primarily used for testing web application security and is not designed to assess the security of cloud infrastructure.

- Burp Suite

Your organization has just migrated to provisioning its corporate desktops as virtual machines and accessing them using thin clients. The organization believes this will enhance security since the desktop can be rewritten with a new baseline image every time the user logs into it. Based on this scenario, which of the following technologies has the organization adopted?

- Virtual desktop infrastructure (VDI)

This is a system that can provide automated identification of suspicious activity by user accounts and computer hosts.

- User and entity behavior analytics (UEBA)

This is a private network segment made available to a single cloud consumer on a public cloud.

- Virtual private cloud (VPC)

This is a secure tunnel created between two endpoints connected via an insecure network, typically the internet.

- virtual private network (VPN)

Dion Training's security team recently discovered a bug in their software’s code. The development team released a software patch to remove the vulnerability caused by the bug. What type of test should a software tester perform on the application to ensure that it is still functioning properly after the patch is installed?

- Regression testing

This is an authorized simulated cyberattack on a computer system, performed to evaluate the system's security.

- Penetration testing

This is an automated software testing technique that involves providing invalid, unexpected, or random data as inputs to a computer program. The program is then monitored for exceptions such as crashes, failing built-in code assertions, or potential memory leaks.

- Fuzzing

This is a test conducted to determine if the specifications or contract requirements have been met

- User acceptance testing

Natalie wants to create a backup of the permissions before making changes to the Linux workstation she will remediate. What Linux tool can she use to back up the permissions of the system's complete directory structure?

- getfacl

This command is used to restore the permissions from the backup created.

- setfacl

The aclman and chbkup are not legitimate Linux commands.

- aclman & chbkup

This command is used to configure the Linux firewall, not the directory structure's file permissions.

- iptables

What document typically contains high-level statements of management intent?

- Policy

This describes exactly how to use the standards and guidelines to implement the countermeasures that support the policy.

- Procedure

This is a recommendation that can specify the methodology that is to be used.

- Guideline

This describes specific products, configurations, or other mechanisms to secure the systems.

- Standard

Which of the following categories of controls are firewalls, intrusion detection systems, and a RADIUS server classified as?

- Technical controls

These include locks, fences, and other controls over physical access.

- Physical controls

These are controls that are put in place to cover any gaps and reduce the risk remaining after using other controls.

- Compensating controls

These controls involve processes and procedures. Physical controls include locks, fences, and other controls over physical access.

- Administrative controls

Nicole's organization does not have the budget or staff to conduct 24/7 security monitoring of their network. To supplement her team, she contracts with a managed SOC service. Which of the following services or providers would be best suited for this role?

- Managed Security Service Provider (MSSP)

This is a fundamental category of cloud computing services that provides virtualized computing resources over the internet. Instead of owning and managing physical hardware (servers, networking devices, storage), organizations can rent these components on demand from a cloud provider.

- IaaS ( Infrastructure as a Service )

It's the most common and widely recognized cloud computing service model, where a cloud provider hosts and manages an application and makes it available to users over the internet, typically on a subscription basis.

- SaaS ( Software as a Service )

It's a cloud computing service model that provides a complete development and deployment environment in the cloud, with all the resources needed to build, run, and manage applications, without the complexity of building and maintaining the underlying infrastructure.

- PaaS ( Platform as a Service )

After a security incident has been handled, what post-incident activity involves the detailed examination of the incident to identify the primary cause or causes, often using tools to analyze logs, network traffic, and other data?

- Root cause analysis

This is a strategic document outlining the procedures for handling and managing an incident, not a post-incident activity.

- Incident response plan

This involves a detailed examination of an incident, it typically goes beyond root cause analysis to include a detailed and systematic examination of all aspects of an incident, often with an eye to legal requirements and implications.

- Forensic analysis

This is a process that follows an incident, where all stakeholders reflect on what happened, what was done well, and what needs to be improved for future incidents. It is broader and less technically focused than root cause analysis.

- Lessons learned

This is a type of code injection attack that exploits vulnerabilities in data-driven applications. It occurs when an attacker inserts malicious SQL (Structured Query Language) statements into an input field (like a login form, search bar, or URL parameter) that is then processed by a web application and executed by its backend database.

- SQL injection

This is an attack in which the goal is to execute arbitrary commands on the host operating system via a vulnerable application.

- Command injection

This is an H.T.T.P. attack that allows attackers to access restricted directories and execute commands outside of the web server's root directory.

- Directory traversal

This is a code injection technique used to exploit web applications that could reveal sensitive user information or modify information represented in the L.DAP (Lightweight Directory Access Protocol) data stores.

- LDAP injection

You have been given access to a Windows system located on an Active Directory domain as part of a white box penetration test. Which of the following commands would provide information about other systems on this network?

- net use

This command can only be used on domain controllers.

- net group

This command would show any user accounts on the local Windows workstation you are using.

- net user

This command will allow servers and workstations services to be controlled once they have already been identified.

- net config

What are the three distinct ranges the I.A.N.A divides the 65,536 possible port numbers into:

- Well - Known Ports, - Registered Ports, - Dynamic / Private / Ephemeral Ports

What is the port range for Well-Known Ports:

0 - 1023

What is the port range for Registered Ports:

1024 - 49151

What is the port range for Dynamic / Private / Ephemeral Ports:

49152 - 65535

Is a free, open-source web application security scanner. It’s a widely used tool for identifying security vulnerabilities in web applications.

- OWASP Zed Attack Proxy ( Z.A.P. )

Is a free and open-source vulnerability scanning software. It's a key component of the Greenbone Vulnerability Management ( G.V.M. ) suite, which is a comprehensive framework for vulnerability scanning and management.

- OpenVAS ( Open Vulnerability Assessment Scanner )

This is a widely recognized and leading vulnerability scanner developed by Tenable, Inc. It's a proprietary (commercial) tool, though it originally started as open-source. This is a cornerstone in many organizations' cybersecurity arsenals for identifying and managing security vulnerabilities across their I.T. infrastructure.

- Nessus

This is a platform that delivers a suite of integrated applications designed to help organizations identify, assess, prioritize, and remediate security risks across their entire I.T. landscape.

- Qualys

Which party in a federation provides services to members of the federation?

- Relying parties (RPs)

This is an open standard for exchanging authentication and authorization data between parties between an identity provider and a service provider (SP) or a relying party (RP).

- Security Assertion Markup Language (SAML)

This is an authentication scheme that allows a user to log in with a single ID and password to any of several related yet independent software systems across a federation.

- Single sign-on (SSO)

This provides identities, makes assertions about those identities, and releases information about the identity holders.

- identity provider (IdP)

THE P.T: 1 CHRONICLE: ( ex.9 )

The R.S.S.H Delivery Company · 90問 · 6ヶ月前

THE P.T: 1 CHRONICLE: ( ex.9 )