Chapter 07 – Protecting Against Advanced Attacks

Ref: CompTIA Security Plus Get Certified Get Ahead SY0-701 Study Guide

CompTIA Security+ (SY0-701) – Chapter 7

1 / 143

What is a primary indication of an ongoing Secure Sockets Layer (SSL) stripping (or TLS stripping) attack?

2 / 143

Which of the following is a potential consequence of poor memory management techniques?

3 / 143

What is a primary indicator of a DNS poisoning attack?

4 / 143

What is the role of AI and ML in Cybersecurity?

5 / 143

What is the purpose of Implementing boundary or range checking in input validation?

6 / 143

What is one of the vulnerabilities related to databases?

7 / 143

What is dynamic code analysis?

8 / 143

Which of the following stages in a secure development environment aims to simulate the production environment for late-stage testing?

9 / 143

What is one key difference between third-party libraries and software development kits (SDKs)?

10 / 143

What is a Server-Side Request Forgery (SSRF) attack?

11 / 143

Why are macros, including VBA macros, disabled by default in Microsoft Office applications?

12 / 143

What is the purpose of a primary key in a database as described in the first normal form (1NF) criteria?

13 / 143

What is a benefit of using parameterized stored procedures in web applications?

14 / 143

What does continuous validation stage in the DevOps model depict?

15 / 143

What is an important step to follow in terms of error reporting according to the given text?

16 / 143

What is the primary differentiation between continuous deployment and continuous delivery in the context of DevOps automation?

17 / 143

What is a key vulnerability that organizations should consider when outsourcing code development?

18 / 143

What is OpenSSH as described in Chapter 3?

19 / 143

Which of the following is NOT a tactic listed in the MITRE ATT&CK matrix?

20 / 143

How do you execute a bash script named ’mytest.sh’ in a Unix-like environment?

21 / 143

What is one of the primary protocols at the Data Link layer (Layer 2) of the OSI model that can be exploited by attackers?

22 / 143

What is the function of Command and Control (C2) in the intrusion kill chain?

23 / 143

What aids ISPs in determining the likelihood of an email being legitimate or malicious?

24 / 143

What is OpenSSL primarily used for today given SSL’s vulnerabilities?

25 / 143

What is the best practice for error handling and why?

26 / 143

What is SQL commonly used for?

27 / 143

In reference to the intrusion kill chain, what does the ’delivery’ element involve?

28 / 143

What is the primary function of the Open Web Application Security Project (OWASP)?

29 / 143

What can be an indication that a macro may have been modified by an attacker?

30 / 143

What does the HTTP Strict-Transport-Security header tell the browser to do?

31 / 143

What is the term for code that is brought into a new application but never executed or used?

32 / 143

What is the best way to prevent LDAP injection attacks as described in the text?

33 / 143

What does ’Content-Security-Policy’ in HTTP headers do?

34 / 143

What is the function of the continuous integration process in a DevOps model?

35 / 143

What does code obfuscation or code camouflage do?

36 / 143

What describes the reason behind not including repeating groups in the columns while creating a database in first normal form (1NF)?

37 / 143

What is the most common method an attacker uses to perform client-side request forgeries?

38 / 143

What is the main difference between artificial intelligence (AI) and machine learning (ML)?

39 / 143

What is the final step in the intrusion kill chain as defined by scientists at Lockheed-Martin?

40 / 143

What is the primary function of Software Version Control?

41 / 143

What is the purpose of input validation in the context of web security?

42 / 143

What is a replay attack and how can it be prevented?

43 / 143

Which types of attacks are web servers particularly susceptible to?

44 / 143

What is the purpose of input validation in developing secure web applications?

45 / 143

In the context of the cyber kill chain, what does ’Weaponization’ involve?

46 / 143

Which types of injection attacks are described as beyond SQL injection attacks?

47 / 143

What is the indicator of a successful URL redirection attack?

48 / 143

Why is it important to treat machine learning algorithms as proprietary data?

49 / 143

What is the primary purpose of automated software diversity methods according to the text?

50 / 143

What are the specific security concerns that organizations should address while outsourcing code development?

51 / 143

Which of the following best describes Cross-site scripting (XSS)?

52 / 143

What is the primary difference between continuous deployment and continuous delivery within the DevOps model?

53 / 143

Which of the following best describes the role of Quality Assurance (QA) in a secure development environment?

54 / 143

What information is contained within DNS log files?

55 / 143

Why is it a security concern if the contract for outsourced code development does not mention updates?

56 / 143

What is the purpose of blocking HTML code in input validation?

57 / 143

What are the two benefits of using the code signing process for software codes, as described in Chapter 10?

58 / 143

What happens during a MAC flooding attack when a switch enters a fail-open state?

59 / 143

What does the SQL clause ’WHERE ‘1’=’1’’ do in a SQL injection attack?

60 / 143

What does it indicate if logs show that bash or sh is being invoked to run scripts?

61 / 143

What is the process of provisioning an application typically refer to in secure application development and deployment concepts?

62 / 143

In the Diamond Model of Intrusion Analysis, how are victims identified?

63 / 143

Why is related data contained in a separate table in a database in first normal form (1NF)?

64 / 143

In the context of the cyber kill chain, what happens during the ’Installation’ step?

65 / 143

What is the function of a reverse lookup in DNS?

66 / 143

What is a typical indicator of a successful pharming attack on a client computer?

67 / 143

Which two primary messages does ARP use in its operation?

68 / 143

In the context of CompTIA Security+, what is a directory traversal attack?

69 / 143

What are the criteria that a database must meet to be in first normal form (1NF)?

70 / 143

Which of the following statements best describes a Secure Cookie?

71 / 143

What is the process of refactoring code?

72 / 143

In a secure development environment, which stage is provided as a complete but independent copy of a production environment for the purposes of late-stage testing?

73 / 143

Which of the following is a method used to protect against Cross-Site Request Forgery (XSRF)?

74 / 143

How can an attacker use ARP poisoning in a DoS attack?

75 / 143

Why is it important for applications to provide general rather than detailed error messages to users?

76 / 143

Which of the following is NOT a common indicator of a malware infection?

77 / 143

What are the potential outcomes of an ARP on-path attack?

78 / 143

What are some security concerns organizations should consider when outsourcing code development?

79 / 143

What is the first step in the intrusion ’kill chain’ as identified by scientists at Lockheed-Martin?

80 / 143

What does the HTTP Strict-Transport-Security header in an HTTP response indicate?

81 / 143

What are the four key components of every intrusion event according to the Diamond Model of Intrusion Analysis?

82 / 143

Which of these is the correct sequence of steps in the intrusion kill chain as identified by scientists at Lockheed-Martin?

83 / 143

What are the usual extensions for Python script files and their compiled versions?

84 / 143

What is the purpose of the Production stage in a secure development environment?

85 / 143

What are other input validation techniques used to prevent web application attacks?

86 / 143

What is a common method used in IP spoofing?

87 / 143

What does integrity measurement refer to in the context of software development?

88 / 143

What is a memory leak in a computer application?

89 / 143

What is the purpose of the X-Frame-Options in HTTP headers?

90 / 143

What is the purpose of Adversarial Artificial Intelligence?

91 / 143

What is the primary purpose of a ’shim’ in the context of operating system drivers?

92 / 143

What is one of the main functions of a stored procedure in a web application?

93 / 143

What is the primary reason for encouraging code reuse in application development?

94 / 143

What is the primary purpose of a DNS sinkhole?

95 / 143

What is the purpose of the Get-Command cmdlet in Windows Powershell?

96 / 143

What does the SQL injection attack command ’;–’ do in the SQL statement?

97 / 143

Why would someone use MAC cloning as described in the provided text?

98 / 143

What is a primary indicator of XML injection as described in the passage?

99 / 143

What is the purpose of using frameworks like MITRE ATT&CK and Pre-ATT&CK by the Cybersecurity and Infrastructure Security Agency (CISA)?

100 / 143

What is sandboxing in application testing?

101 / 143

In the Diamond Model of Intrusion Analysis, what does the ’Infrastructure’ component refer to?

102 / 143

What is the method to detect a PowerShell cmdlet?

103 / 143

What is the correct way to run a bash script called mytest.sh in a Unix or Unix-like operating system?

104 / 143

What criteria is required for a database to be considered in Second Normal Form (2NF)?

105 / 143

What is the main goal of studying numerous well-known attacks, as stated in the section ’Identifying Network Attacks’?

106 / 143

What is an indicator of tainted data being used in an AI or ML system according to the given text?

107 / 143

What happens when an integer overflow occurs in an application?

108 / 143

What is the common consequence of setting an object to null and trying to use it in run time in C++ and C#?

109 / 143

What does the bash or sh command denote when it comes to running a script file in a Linux terminal?

110 / 143

What is the purpose of using a series of NOP or x90 instructions in a buffer overflow attack?

111 / 143

Which of the following best describes a method of input validation to increase application security as discussed in the text?

112 / 143

What is the purpose of Manual code review in testing applications?

113 / 143

What is a likely indicator of an on-path attack taking place?

114 / 143

What type of information can typically be found in web server logs?

115 / 143

In the Diamond Model of Intrusion Analysis, what are the identities used to identify an adversary?

116 / 143

Which of the following is a common way applications use to protect data at rest and data in transit?

117 / 143

What are the main steps carried out by an attacker during a domain hijacking attack?

118 / 143

What is the primary purpose of the staging phase in a secure software development environment?

119 / 143

Who should understand secure application development and deployment concepts?

120 / 143

What describes static code analysis in application security?

121 / 143

What identifies a zero-day attack?

122 / 143

In the context of the Diamond Model of Intrusion Analysis, what does ’Capabilities’ refer to?

123 / 143

Client-side input validation in a web application…

124 / 143

What does it mean for a database to be in third normal form (3NF)?

125 / 143

Which of the following is NOT a step in the cyber kill chain as presented in the text?

126 / 143

What does the continuous monitoring process in a DevOps model do?

127 / 143

What is DLL injection as described in regards to application security?

128 / 143

What is the primary objective of both DoS and DDoS attacks?

129 / 143

What is the purpose of normalization in a database?

130 / 143

What is the primary difference between continuous deployment and continuous delivery in a DevOps model?

131 / 143

What best defines the process of manual code review?

132 / 143

What is the primary purpose of the ’Staging’ stage in a secure development environment?

133 / 143

What are the attack frameworks used for in cybersecurity?

134 / 143

What is the primary difference between reflected XSS and stored XSS attacks?

135 / 143

What happens in a SYN flood attack?

136 / 143

What is a driver shim and what does it help to achieve?

137 / 143

What is ’Dead code’?

138 / 143

What is one major security concern when outsourcing code development?

139 / 143

Which is NOT a method to prevent cross-site scripting (XSS) attacks mentioned in the text?

140 / 143

What tasks can an effective Secure Orchestration, Automation, and Response (SOAR) platform handle in the context of automated courses of action?

141 / 143

What is a major vulnerability of the ARP reply?

142 / 143

What is a vulnerability of ARP that can result in an ARP poisoning attack?

143 / 143

What is a race condition in the context of application design?

Your score is

Dowload the FREE OFFLINE Version of this Test Bank

Boost your cybersecurity skills! Click to download the CompTIA Security+ Practice Anki deck.

Anki deck of CompTIA A+ Practice Questions images

Boost your IT skills with our free CompTIA Security+ practice test focusing on Chapter 07: Protecting Against Advanced Attacks. Whether you’re entering the IT industry or advancing in cyber security, our resources are here to help you succeed in the CompTIA Exam.

Why Choose Our CompTIA Security+ Practice Test?

  • Skill Enhancement:

Covers essential techniques for protecting against advanced attacks crucial for the CompTIA Exam.

  • Career Advancement:

Passing the CompTIA Security+ exam can open doors to new job opportunities and significant career changes in the IT industry.

  • Vulnerability Management:

Master the art of protecting against advanced attacks, a key skill in cyber security.

Free Anki Deck Download

Download our free Anki Deck, reviewed by industry expert Josh Madakor, who has extensive experience in IT and cyber security, including work with Microsoft and government sectors. Learn more about Anki on the official site.

Get Started with Your IT Career Change Today!

Visit the CompTIA Security+ official site and the CompTIA Network+ official site for more information.

 

Explore our other free practice tests:
Share the Post:

Related Posts

RSS  
  • Discover How to Work Remotely and Travel!
    Have you ever dreamed about working from beautiful places like Thailand or Japan, but weren’t sure if it’s possible? I’m here to share my adventures and some tips on how to make working remotely while exploring the world a reality.  Who Am I? My name is Josh, and I’m all about creating helpful content on […]
  • Why Contract Work in IT Can Be a Good Start for Your Career
    Hey buddies! Are you curious about what it’s like to work in IT and cyber security? Well, you’re in luck because today we’re diving into the world of contract work and how it might just be the jumpstart your career needed! Getting Into the World of Contract Work in IT Josh, an expert in IT […]
  • Is Cyber Security a Career That Will Last Forever?
    Hey everyone! Have you ever wondered if choosing a career in cyber security is a good idea for the long haul? Well, let’s dive into this topic with the help of Josh Maor’s insights, and find out why cyber security might just be one of the smartest career choices out there. What Is Cyber Security? […]
IT Course

The Affordable, Hands-On Josh Madakor IT Course that gets Results!

Ready to get started your journey?
Cyber Course

The Affordable, Hands-On Cyber Security that gets Results!

Ready to get started your journey?

JOIN OUR

NEWSLETTER

Sign up for our free newsletters.

by joining 8000+ others in my weekly newsletter 

where you’ll get a dose of my thoughts on self-improvement, career,

and life!