Free CompTIA Security+ Practice Chapter 6

Ref: CompTIA Security Plus Get Certified Get Ahead SY0-701 Study Guide

CompTIA Security+ (SY0-701) – Chapter 6

1 / 128

Which of the following best describes a zero-day vulnerability based on the provided text?

A. It is a vulnerability that operates only on the zeroth day of its inception.

B. It refers to issues that exist only within zero-day anti-virus software.

C. It is a vulnerability unknown to trusted sources such as operating system and antivirus vendors, and it remains until these vendors know about the issue and release patches.

D. This vulnerability refers to a bug that anti-virus companies have been informed about and are preparing patches for.

2 / 128

What is a characteristic of an advanced persistent threat (APT)?

A. They are always independent actors with no funding

B. They only target private individual users

C. They often represent a long term, highly organized threat

D. They are solely motivated by greed

3 / 128

What is the primary motivation for criminal syndicates in the context of cyberattacks?

A. Political Influence

B. Sharing knowledge

C. Personal gain

D. Money

4 / 128

What is the purpose of reflective questioning in social engineering?

A. For the attacker to pretend they’re not interested in the conversation

B. For the attacker to provide false information to the target

C. To demonstrate active listening and encourage a target to talk more

D. To allow the attacker to make exaggerated claims

5 / 128

What does data exfiltration refer to in the context of malware attacks?

A. Unauthorized downloading of apps onto a network

B. Unauthorized transfer of data out of a network

C. Encrypted data rendering data loss prevention techniques ineffective

D. An overwhelming amount of traffic added to a network

6 / 128

What potential damage could serious virus hoaxes cause?

A. They force users to delete unimportant files.

B. They make users purchase unnecessary antivirus software.

C. They encourage users to delete important files, potentially making their systems unusable.

D. Hoaxes do not cause any real damage.

7 / 128

Why do social engineers often attempt to build rapport with a victim before launching an attack?

A. To distract the victim from the attack

B. To make the victim like them and more likely to comply

C. To confuse the victim

D. To get the victim to trust them with sensitive information

8 / 128

What term best describes the group of threat actors who are usually highly organized, funded by nation-states, and target specific organizations for long periods of time?

A. Criminal syndicates

B. Script kiddies

C. Hacktivists

D. Advanced Persistent Threats (APTs)

9 / 128

What is a characteristic of fileless malware?

A. It only operates through email attachments

B. It is always coded in Java language

C. It runs in memory and can inject into legitimate applications

D. It does not bypass anti-malware programs

10 / 128

What is the primary purpose of dumpster diving in the context of cybersecurity?

A. Filling up the garbage bin

B. Acquiring recyclable materials

C. Recovering forgotten items

D. Gaining information from discarded documents

11 / 128

In the context of social engineering attacks, why is the principle of liking and rapport building effective in shoulder surfing?

A. It allows the attacker to physically force their way into the victim’s personal space

B. It makes it likely for the victim to share their passwords directly with the attacker

C. It makes the victim less likely to recognize and stop a shoulder surfing attack

D. It distracts the victim with continuous social interaction

12 / 128

What is the primary function of signature files in antivirus software?

A. Deleting files that are potentially dangerous.

B. Providing a pattern for scanning files for viruses and other known malware.

C. Automating the update process.

D. Quarantining viruses for further analysis.

13 / 128

What is the purpose of using a spam filter on mail gateways?

A. To monitor network traffic through the firewall

B. To remove potentially malicious attachments off the email

C. Detect and filter spam before it reaches users

D. To inspect network traffic to reduce the risk of malware entering the network

14 / 128

Which of the following best describes pretexting in the context of social engineering?

A. It involves adding information to the end of an email subject line

B. It is a defensive technique used by organizations to notify users of potentially unsafe emails

C. It is a fictitious scenario added to a conversation to make a request more believable

D. It involves adding [SAFE] to the beginning of an email subject line to trick users into believing the email is not malicious

15 / 128

What is the primary motivation for criminal syndicates in launching cyber attacks?

A. They are bored and just want to see what they can do

B. They are funded by nation-states or governments with specific targets

C. They want to raise awareness about a social or political cause

D. Their main goal is to get more money typically through criminal activities

16 / 128

What is the primary purpose of a Request for Comments (RFC) published by the Internet Engineering Task Force (IETF)?

A. To document research on a technical topic

B. To share data via social media groups

C. To standardize technical specifications on the internet

D. To share information between the FBI and specific sectors

17 / 128

Which of the following is NOT a typical indicator of a malware attack?

A. Extra traffic being generated

B. Traffic to specific IPs

C. Encrypted traffic

D. Reduction in network traffic

18 / 128

According to the passage, which of the following is not a technique used by social engineers in the elicitation process?

A. Active listening

B. Reflective questioning

C. False statements

D. Internet phishing

19 / 128

What security attack tactic involves combining intimidation with urgency and impersonation?

A. Spear Phishing

B. Pharming

C. Hoaxing

D. Social Engineering

20 / 128

Which of the following strategies is commonly utilized to mitigate the risk of malware entering the network through network traffic?

A. Use of spam filters on mail gateways

B. Installation of anti-malware software on mail gateways

C. Implementation of Unified Threat Management (UTM) systems

D. Installing anti-malware software on all workstations and servers

21 / 128

Which of the following attack vectors is estimated to be the starting point of up to 91 percent of all attacks?

A. Social media

B. Wireless networks

C. Email

D. VPNs

22 / 128

What is the technique called that attackers use by sending text messages to trick users into giving up personal information and uses the method of phishing?

A. Vishing

B. Smishing

C. Spamming

D. Whaling

23 / 128

What are some effective methods to prevent shoulder surfing as mentioned in the text?

A. Positioning monitors and screens so unauthorized personnel cannot see them

B. Having a password policy

C. Installing CCTV cameras in office premises

D. Implementing a multi-factor authentication system

24 / 128

Which of the following best describes Indicators of Compromise (IoC)?

A. Prewritten code in a file repository that developers use for gathering intelligence.

B. A visual representation of active threats, often showing replays of recent attacks.

C. An area of the Internet populated by criminals who store and sell hacking tools, botnets, and pirated materials.

D. Evidence that a cyberattack is in progress or has occurred, often taking the form of antivirus alerts or detected potential attacks.

25 / 128

What is the role of InfraGard in the context of public/private information sharing centers?

A. It is a social media group where people exchange data on potential threats.

B. It is a non-profit organization that shares information between the FBI and members in specific sectors.

C. It is an academic journal where cybersecurity professionals publish their research.

D. It is a conference for sharing cybersecurity information.

26 / 128

Which of the following attacks are most likely to use urgency as a technique?

A. Man-In-The-Middle attack

B. Denial of service attack

C. Ransomware

D. Rootkits

27 / 128

How do attackers use social media as an attack vector?

A. Oversharing personal information

B. Gathering information on targets via social media

C. Direct message spamming

D. Creating fake profiles and befriending targets

28 / 128

What is the main purpose of a whaling attack?

A. To gain access to a company’s financial accounts

B. To target high-level executives for confidential company information

C. To damage a company’s reputation by posing as a high-level executive

D. To send malicious emails to all employees in a company

29 / 128

What is a key challenge when implementing spam filters?

A. Filters often do not recognize spam emails.

B. Filters unnecessarily block all incoming emails.

C. Filters may mistakenly flag and filter out legitimate emails.

D. Filters fail to provide an option to mark certain email addresses or domains as safe.

30 / 128

Why are building rapport and likability important in the context of tailgating attacks?

A. A likable person is more likely to catch the attention of security personnel

B. People are more likely to allow someone they know or like to tailgate behind them

C. It distracts people from their work

D. It increases the attacker’s morale and determination

31 / 128

Criminal syndicates and Advanced Persistent Threats (APTs) are both types of organized cyber threat actors, but have different primary motivations. What are the chief motivations of these groups?

A. APTs are motivated by political agendas, while Criminal syndicates aim for personal gain

B. Both APTs and Criminal syndicates are primarily motivated by financial gain

C. Criminal syndicates are motivated by political agendas, while APTs aim for personal gain

D. Both APTs and Criminal syndicates are primarily motivated by national security

32 / 128

Which of the following best describes the term ’Advanced Persistent Threat (APT)’?

A. An individual that launches attacks out of boredom or for fun

B. An activist group that tries to raise awareness of social and political issues through cyber attacks

C. A sophisticated group of threat actors that is typically sponsored by nation-states

D. A criminal syndicate that orchestrates attacks with the primary motivation to make money

33 / 128

What is the purpose of Trusted Automated eXchange of Indicator Information (TAXII)?

A. It identifies what cyber threat information organizations should share.

B. It’s a service that specifically gathers and shares threat information from the dark web.

C. It’s an open standard that defines services for sharing threat information without specifying what should be shared.

D. It’s a part of the National Vulnerability Database used to document vulnerabilities.

34 / 128

What are attack vectors and how do attackers use them?

A. They are the paths that attackers use to gain access to computers and networks in order to exploit vulnerabilities

B. They are tools that attackers use to infiltrate cyber systems

C. They are a type of virus that attackers use to hijack networks

D. They are methods attackers use to sabotage technology

35 / 128

Which of the following is NOT provided as a source for taking the assistance of cybersecurity personnel during threat research?

A. Vendor websites

B. Online forums

C. Academic journals

D. Conferences

36 / 128

How does the concept of ’Scarcity’ apply to phishing and Trojan attacks?

A. Scarcity refers to the limited number of victims a phishing or Trojan attack can affect.

B. Scarcity is a method where attackers limit the resources available to a system, forcing it to crash.

C. Scarcity is a technique where attackers offer exclusive access to a limited product to lure victims to a malicious website.

D. Scarcity refers to the limited number of successful phishing or Trojan attacks an attacker can carry out.

37 / 128

Which of the following is NOT a technique used by fileless malware?

A. Memory code injection

B. Script-based techniques

C. Windows Registry manipulation

D. Installing fake antivirus software

38 / 128

What is the primary risk associated with Shadow IT?

A. It can run out of storage space quickly

B. Users may install too many applications

C. It prevents software updates from being installed

D. Unmanaged systems and applications may be susceptible to emerging vulnerabilities

39 / 128

What does heuristic-based detection in antivirus software aim to detect?

A. Known viruses based on their code signatures

B. Suspicious behaviors and activities in the live environment

C. Few specific types of malware such as Trojans

D. Previously unknown viruses and zero-day exploits

40 / 128

What is the impact of Potentially unwanted programs (PUPs) on a user’s computer?

A. They always crash the computer

B. They enhance the performance of the computer

C. They can change the user’s browser settings without clear consent

D. PUPs are always beneficial

41 / 128

What is the technique of vishing as used in cyber security?

A. Sending malicious files as email attachments and identifying them as lawsuits or subpoenas

B. Using authority to make someone do something they normally wouldn’t do

C. Impersonating authority figures over the phone to deceive individuals into revealing sensitive information

D. Stealing sensitive information by masquerading as a trustworthy entity in an electronic communication

42 / 128

Which are some of the reported names for the APTs sponsored by the Iranian government?

A. PLA Unit 61398, Buckeye, Double Dragon

B. Elfin Team, Helix Kitten, Charming Kitten

C. Ricochet Chollima, Lazarus Group

D. Fancy Bear, Cozy Bear, Voodoo Bear, Venomous Bear

43 / 128

What is one reason an attacker might buy a domain name similar to a legitimate website, as discussed in the ’Earning ad revenue’ section?

A. To sell counterfeit products

B. To host pay-per-click ads

C. To conduct phishing campaigns against users

D. To store stolen data

44 / 128

What is URL hijacking or typo squatting?

A. Installation of drive-by malware on user’s systems.

B. Buying a domain name that is close to a legitimate domain name.

C. Earning ad revenue through pay-per-click ads on your site.

D. Reselling the domain for a hefty profit.

45 / 128

Which of the following is NOT a common security control used to protect against malware?

A. Spam filter on mail gateways

B. Anti-malware software on mail gateways

C. Firewalls monitoring network traffic

D. Software updates on all systems

46 / 128

Which of the following is NOT an indicator of a malware attack?

A. Extra network traffic

B. Regular data transfer within a network

C. Encrypted traffic

D. Traffic to specific known command and control server IPs

47 / 128

What is the primary function of anti-malware software on mail gateways?

A. It filters out spam emails.

B. It blocks and strips potentially malicious attachments off emails.

C. It monitors network traffic through the firewall.

D. It installs additional, specialized anti-malware software on servers.

48 / 128

What is Predictive analysis in the context of cybersecurity?

A. It is a visual representation of active threats.

B. It is an open-source intelligence method used by attackers to gather information.

C. It is data shared via TAXII.

D. It involves techniques that attempt to predict what attackers will do next and methods to thwart their attacks.

49 / 128

What is the Automated Indicator Sharing (AIS) used for?

A. To predict what attackers will do next

B. To provide a visual representation of active threats

C. For real-time exchange of threat indicators and defensive measures

D. To store and sell hacking tools, access to botnets, pirated materials

50 / 128

What is one possible reason an attacker might purchase a domain name similar to a legitimate one, according to the passage?

A. To participate in online auctions

B. To hoard domains with no intent to use

C. To host pay-per-click ads for revenue

D. To protect the legitimate site from potential threats

51 / 128

What tactics are considered effective for a person to get others to comply through impersonation?

A. Posing as a government official

B. Pretending to be a technician

C. Implying lawsuits or subpoenas

D. All of the above

52 / 128

What is the importance of academic journals in cybersecurity?

A. They offer a platform for cybersecurity experts to sell their products.

B. They contain technical research documents on cybersecurity, reviewed by peers for credibility.

C. They are internet standards published by the Internet Engineering Task Force (IETF).

D. They provide opportunities for on-site training and networking with other cybersecurity professionals.

53 / 128

Which of the following is NOT a common security control used to protect against malware according to the text?

A. Spam filter on mail gateways

B. Using anti-malware software on all systems

C. Establishing boundaries or firewalls

D. Bypassing email servers and directly sending emails to users

54 / 128

What is a common method attackers use to spread Trojans?

A. By hacking into a user’s network and manually installing it

B. By embedding the Trojan in a website’s code

C. By sending the Trojan via SMS

D. By attaching the Trojan in a physical form with a device

55 / 128

Which of the following methods is NOT used by fileless viruses?

A. Memory code injection

B. Script-based techniques

C. Windows Registry manipulation

D. Network traffic analysis

56 / 128

What is an Advanced Persistent Threat (APT) typically understood to be in the context of cyber attacks?

A. A group of individual hackers aiming for monetary gain

B. A single dedicated individual launching cyber attacks

C. A script kiddie using existing scripts to launch attacks

D. A group of organized threat actors, typically sponsored by nation-states

57 / 128

What is the main motivation behind the cyber activities of criminal syndicates?

A. Political activism

B. Boredom

C. Money

D. Knowledge sharing

58 / 128

What is the role of a ’Bot herder’ in a botnet?

A. They are the infected computers within the network

B. They serve as the command and control systems, receiving commands from the attackers

C. They manage botnets, attempting to infect as many computers as possible and control them through systems on the Internet

D. They are the bots that do the bidding of the bot herder

59 / 128

What is the function of threat maps?

A. They provide a visual representation of upcoming threats

B. They reveal the identity of those being attacked

C. They provide a visual representation of active threats

D. They show real-time data of attacks

60 / 128

What is the role of a local industry group in the context of cybersecurity?

A. To host conferences related to cybersecurity

B. To share and collaborate on information related to their industry

C. To publish scholarly articles in academic journals

D. To exchange data via social media groups

61 / 128

What is the role of the Structured Threat Information eXpression (STIX) in open source intelligence (OSINT)?

A. It identifies what cyber threat information organizations should not share.

B. It provides a common language for addressing a wide range of cyber threat information.

C. It is a database of known vulnerabilities maintained by the U.S. government.

D. It is a site on the dark web used by criminals to store and sell hacking tools.

62 / 128

What does closed/proprietary intelligence refer to in the context of cybersecurity?

A. Publicly available data obtained from sites like Facebook or Twitter

B. The process of predicting potential cyber attacks

C. Trade secrets and intellectual property of an organization

D. Information available on the dark web

63 / 128

What is phishing?

A. It’s a type of spam that is unwanted but not harmful.

B. It is an attempt to trick users into revealing sensitive information or clicking on a malicious link.

C. It is an email from a legitimate company asking you to input your credentials to validate them.

D. It’s an activity where a person goes fishing.

64 / 128

What do rootkits use to modify system behavior and avoid detection?

A. Interrupt signals

B. Buffer overflows

C. Hooking techniques

D. API calls

65 / 128

What description is accurate regarding the threat actor referred to as a ’script kiddie’?

A. They are an advanced persistent threat sponsored by nation-states.

B. They are a hierarchy-structured criminal syndicate focused primarily on financial gain.

C. They are an activist who launches attacks to raise awareness for a cause.

D. They use existing computer scripts or codes to launch attacks, usually with little expertise or sophistication.

66 / 128

What are some common types of open source intelligence (OSINT) utilized by penetration testers or attackers?

A. Vulnerability databases and social media platforms

B. Trade secrets and proprietary intelligence

C. CEO names and company websites

D. Past antivirus alerts and predictive analysis techniques

67 / 128

What does ’reconnaissance’ refer to within the context of social engineering?

A. Decommissioning outdated systems’

B. Installing firewall systems

C. Managing user access rights

D. Gathering as much information as possible on a target

68 / 128

What is the main purpose of a backdoor?

A. To provide a shortcut for normal authentication methods

B. To provide maintenance access for application developers

C. To allow former employees to retain access after being fired

D. To provide private communication channels

69 / 128

What are the two common methods by which antivirus software detects viruses?

A. History-based detection and procedural-based detection

B. Signature-based detection and heuristic-based detection

C. Pattern-based detection and activity-based detection

D. Behavior-based detection and frequency-based detection

70 / 128

Which of the following is usually a strong indicator of a system being part of a botnet?

A. Firewall logs show incoming spam

B. There are large amounts of outgoing spam

C. High volume of encrrypted traffic is coming from unknown IPs

D. Increasing amount of data exfiltration

71 / 128

What is a possible malicious intention for an attacker purchasing a domain similar to a legitimate one?

A. To host a website providing correct information.

B. To gain recognition in the business community.

C. To host a malicious website intending to install malware.

D. To assist users in finding the correct website.

72 / 128

Who sponsors Advanced Persistent Threats (APTs) and what is their characteristic?

A. They are sponsored by criminal syndicate and target specific companies.

B. They are sponsored by state actors and launch general attacks for personal gains.

C. They are sponsored by state actors and launch targeted, sophisticated attacks over long periods.

D. They are sponsored by script kiddies and target specific organizations to exfiltrate data.

73 / 128

Which types of attacks are most effective when exploiting authority?

A. Impersonation, whaling, and vishing

B. Phishing, spoofing, and man-in-the-middle

C. Baiting, tailgating, and shoulder surfing

D. DDoS, ransomware, and zero-day exploit

74 / 128

What is a common use of file/code repositories in the realm of cybersecurity?

A. To store private information of a company

B. To automate vulnerability management

C. To provide a location for prewritten code that developers can use for a variety of purposes, including gathering intelligence

D. To offer predictive analysis techniques

75 / 128

Which of the following is NOT a reported name for an APT sponsored by the Russian government?

A. Fancy Bear

B. Cozy Bear

C. Venomous Bear

D. Alpha Bear

76 / 128

What is the technique called ’Bracketing’ that is used by social engineers?

A. Giving a false statement hoping that the target corrects him.

B. Stating a specific number or a range of numbers to elicit correct information.

C. Encouraging a target to talk more by using reflective questioning.

D. Using active listening to encourage a target to keep talking.

77 / 128

What is the primary purpose of a virus?

A. To replicate and deliver its payload

B. To provide user with unauthorized access

C. To display pop-up advertisements

D. To download third-party applications

78 / 128

What is one way to minimize the effectiveness of social engineering attacks?

A. Ignoring all unexpected communications

B. Responding aggressively to potential attackers

C. Teaching users about social engineering tactics and underlying principles

D. Increasing the technical complexity of the system

79 / 128

What technique do attackers often use along with malware?

A. Social engineering

B. AI algorithms

C. Firewall breaches

D. Intrusion Detection Systems

80 / 128

Which one of the following statements elucidates the ’upgrade’ phishing technique?

A. An email claiming to be from a bank and asking to verify account details

B. A prompt asking to upgrade a software for better functionality

C. An email with a hyperlink disguised as a reputable source

D. An email warning about a security risk and necessity of a password change

81 / 128

According to the text, which of the following is NOT a method used by social engineers to gain unauthorized access or information?

A. Impersonating authorized personnel

B. Leveraging authority or flattery

C. Utilizing malware or phishing tactics

D. Physically stealing user credentials

82 / 128

Which of the following statements about cybersecurity conferences is true according to the text?

A. They last for seven to ten days

B. They are hosted by a single organization

C. They allow attendees to choose what workshops they want to attend

D. They are not reliable source of cybersecurity information

83 / 128

What is one of the reasons an attacker might purchase a domain similar to a legitimate one?

A. To use it for personal blogging

B. To resell the domain to the original owner at a profit

C. To create a fan site

D. To use as a backup for their own legitimate website

84 / 128

What is hybrid warfare and how is it applied in influence campaigns?

A. It is a military strategy that is only utilized on the battlefield.

B. It is a blend of conventional warfare and social media strategies.

C. It is a blend of conventional warfare with unconventional methods to influence people.

D. It is a strategy used by women during suffrage movement.

85 / 128

Which of the following best describes the main purpose of spyware?

A. To improve system performance

B. To facilitate user interface customization

C. To gather user information without their consent

D. To protect user data from external threats

86 / 128

What can be expected when you opt out of email services from a legitimate company?

A. You will continue to receive emails as before

B. Your email address will be sold to other companies

C. You will no longer receive any more emails from that company

D. You will receive more spam

87 / 128

What can be a strong indicator of infection in a network regarding traffic to specific IPs?

A. Firewall logs indicate traffic attempting to access blacklisted IPs

B. There is a notably large amount of incoming email

C. The connected IP addresses are unknown or from a different geographic location

D. There is an abnormal decrease in traffic to specific IPs

88 / 128

Which of the following best describes the primary difference between a worm and a virus?

A. A worm requires user interaction to run.

B. A worm attaches itself to an application and runs when the application is started.

C. A worm consumes more network bandwidth.

D. A worm is not a self-replicating malware.

89 / 128

Which types of attacks can be launched via email according to the provided text?

A. Spam and malware

B. Phishing and vishing

C. Smishing and spear phishing

D. All of the above

90 / 128

What is the purpose of using file integrity monitors in antivirus scanners?

A. To detect ransomware attacks.

B. To detect modified system files.

C. To speed up the virus scanning process.

D. To protect the antivirus software from being deleted.

91 / 128

What is the classic Nigerian scam (also called a 419 scam) usually about?

A. Telling the recipient they’ve won a lottery

B. Requesting a relative or acquaintance to access funds

C. Scammers seeking money for a business investment

D. Asking for payment for a product that will never be delivered

92 / 128

What type of cyber attack leverages the authority of legal entities to coerce executives into opening malicious attachments?

A. Impersonation

B. Vishing

C. Phishing

D. Whaling

93 / 128

What is the potential risk associated with opening a malicious attachment associated with invoice scams?

A. The user might get contact from a debt collection agency

B. The user might have to face legal action from the criminals

C. The user’s system might get infected with ransomware or other malware

D. The user may receive a cease and desist letter from the criminals

94 / 128

Which of the following correctly describes the Dark Web?

A. It is a publicly accessible part of the internet.

B. It is a sector of the web that requires specific software or authentication to access.

C. It is an open standard for defining a set of services used to share information.

D. It is a vulnerability database maintained by the U.S. government.

95 / 128

What is hybrid warfare?

A. A form of combat that only takes place on battlefields

B. A military strategy combining conventional warfare with unconventional methods to influence people

C. A type of warfare that involves using social media to spread misinformation

D. A method used by women in the early 1900s to attain the right to vote

96 / 128

What is the goal of impersonation by social engineers according to the text?

A. To convince an authorized user to provide some information or help the attacker defeat a security control.

B. To install hardware such as a rogue access point to capture data.

C. To impersonate legitimate organizations over the phone.

D. To use identity verification methods to prevent the success of impersonation attacks.

97 / 128

How do criminals impersonate your friends through email according to the text?

A. They physically hack into your friends’ computers and send emails from there

B. They send emails to you which include your friends’ names in the subject block while using a different email address

C. They solicit a friend’s permission to use their email for sending messages

D. They create emails with your friends’ names in the ’From’ block but use unrelated email addresses

98 / 128

What does the term ’gaslighting’ mean in the context of information security?

A. It refers to a tactic where cyber criminals create a web of legitimate looking websites to spread false information.

B. It is a form of psychological manipulation where the manipulator tries to replace one idea or belief with another one.

C. It refers to the act of cyber criminals creating realistic virtual environments to lure victims into a trap.

D. It is a technique where a hacker manipulates network signals to disrupt communication.

99 / 128

Which of the following is NOT an indicator of a malware-infected system based on the provided text?

A. The system runs slower

B. The system starts unknown processes

C. The system sends out email without user action

D. The system operates faster

100 / 128

What is a common delivery method for a Remote Access Trojan (RAT)?

A. Through physical installation by the attacker

B. Via postal delivery

C. Through peer-to-peer networks

D. Via drive-by downloads or malicious email attachments

101 / 128

What is the purpose of the Trusted Automated eXchange of Indicator Information (TAXII)?

A. Identifies what cyber threat information organizations should share

B. Defines a set of services and message exchanges used to share information

C. Is an area of the Internet that you won’t find using a search engine

D. Provides a visual representation of active threats

102 / 128

Which of the following is NOT a technique used by fileless malware?

A. Memory code injection

B. Script-based techniques

C. Windows Registry manipulation

D. Disk partitioning

103 / 128

Which of the following is used by social engineers during elicitation to encourage a target to speak more ?

A. Making loud noises

B. Continuous interrupting

C. Active listening

D. Ignoring the target

104 / 128

Which of the following best describes a ’Black Hat’ as discussed in the given text?

A. An attacker who launches cyberattacks for fun or out of boredom, without any particular goal.

B. An activist group that raises awareness about social and political issues by launching cyberattacks.

C. A group of highly organized attackers, typically sponsored by nation-states or governments, that engage in targeted cyberattacks over a long period of time.

D. A group of individuals involved in cybercrime with the primary motivation of making money.

105 / 128

What is the primary function of a beacon in an email phishing attack?

A. To inject malware into the recipient’s system

B. To verify the validity of recipient’s email address

C. To encrypt email content

D. To spread the same email to other users in the recipient’s contact list

106 / 128

What is the primary purpose of Cuckoo Sandbox?

A. To analyze files in real-time

B. To provide a step-by-step tutorial for handling malware

C. To analyze suspicious files and URLs

D. To replace anti-virus software

107 / 128

What is the purpose of ’active listening’ in the context of social engineering?

A. To distract the target with complex dialogue

B. To encourage the target to continue talking by giving them your full attention

C. To confuse the target by repeating their words and phrases

D. To intimidate the target through aggressive questioning

108 / 128

What defines an Advanced Persistent Threat (APT) in the cyber security context?

A. An attacker who uses existing computer scripts or code to launch attacks.

B. An organized and sophisticated group of threat actors often sponsored by nation-states or governments.

C. An individual proficient with computers who attacks systems for personal gain.

D. A group of individuals involved in criminal activities with the primary motivation of money.

109 / 128

Which of the following best describes a ’hacktivist’ as presented in the provided text?

A. An attacker who uses existing computer scripts or code to launch attacks out of boredom.

B. An organised group authorised by their respective nation-states to carry out specific cyber attacks on certain targets.

C. An individual or group involved in criminal activities primarily motivated by earning money.

D. An attacker who launches cyber attacks as part of an activist movement or to raise awareness about certain causes.

110 / 128

What is the difference between identity theft and identity fraud based on the provided text?

A. Identity theft refers to stealing personal information while identity fraud refers to misuse of this stolen information.

B. Identity theft occurs when someone applies for a loan using someone else’s information, while identity fraud refers to stealing someone’s identification.

C. Identity fraud refers to the act of stealing someone’s identity, while identity theft refers to the misuse of someone’s stolen identity.

D. Identity theft and identity fraud both refer to the act of stealing personal information.

111 / 128

What does the term ’consensus’ refer to in the context of cyber threats?

A. A mutual agreement between two systems to authorize data exchange.

B. The technique where criminals manipulate users by creating an illusion of social approval for their fraudulent products or software.

C. The process through which multiple systems verify and validate a transaction in a blockchain network.

D. A procedure for decision-making within a group, allowing the group to issue a collective response.

112 / 128

Why might encrypted traffic be considered an indicator of a malware attack?

A. Encrypted traffic always indicates an attack

B. Encrypted messages can’t be read by data loss prevention (DLP) systems

C. Encrypted data takes longer to download

D. Encrypted data requires more storage

113 / 128

What is the primary goal of a watering hole attack?

A. To infect the maximum number of websites with malware

B. To discover the browsing habits of a group of people

C. To infect a trusted website with malware and target its visitors

D. To expose zero-day vulnerabilities in various websites

114 / 128

How soon can an attacker typically begin lateral movement within a network after the initial infection?

A. Less than two hours

B. Over four hours

C. After 24 hours

D. Almost immediately without any delay

115 / 128

Which of the following resources is especially true for finding reliable information on vulnerabilities and patches used to fix them?

A. Conferences

B. Social Media

C. Vendor websites

D. Local industry groups

116 / 128

What is an Advanced Persistent Threat (APT) typically characterized by?

A. They are typically bored individuals with a lack of sophistication who launch attacks for fun

B. They are typically involved in crime for the sole purpose of making money

C. They are typically groups of organized threat actors that engage in targeted attacks against organizations over long periods of time

D. They are typically involved in activist movements and launch attacks to raise awareness about causes

117 / 128

What is the classic method of credential harvesting used by attackers?

A. Through brute force attacks

B. By asking users directly

C. Through advanced encryption techniques

D. By hacking into database servers

118 / 128

Which of the following is a viable solution to prevent spear phishing attacks?

A. Changing password frequently

B. Ignoring all emails from the CEO

C. Using digital signatures

D. Limiting email usage

119 / 128

Why is it important to verify information shared in social media groups before acting on it as a cybersecurity personnel?

A. Because social media groups are often fraudulent

B. Because social media groups are authoritative and official

C. Because social media groups aren’t authoritative and can contain inexact information

D. Because social media groups often contain irrelevant information

120 / 128

What is one of the main benefits of Peer-to-Peer (P2P) botnets from the perspective of a cybercriminal?

A. P2P networks are difficult for legal professionals to take down

B. P2P networks make it easy to upload commands to the infected computers

C. P2P networks are less detectable than Internet Relay Chat (IRC) networks

D. P2P networks allow bots to securely communicate with each other

121 / 128

What is a logic bomb?

A. A physical device programmed with malicious software

B. A string of code embedded into an application that executes in response to an event

C. A network error caused by an overload of data packets

D. A type of virus that continuously duplicates itself

122 / 128

What is a significant challenge when encountering Spam over Internet Messaging (SPIM)?

A. It needs your email address to function.

B. It cannot spread malware.

C. It bypasses typical antivirus and spam filters.

D. It requires a specific messaging app to work.

123 / 128

According to the passage, how do social engineers try to gain the trust of their victims?

A. By claiming to be a security expert

B. By showing the victim error messages on their own computer

C. By offering to help fix the victim’s computer

D. All of the above

124 / 128

What is ’vishing’ in the context of cyber security?

A. A form of phishing that uses video messages

B. A form of phishing that uses voice messages or phone calls

C. A type of virus that can affect voice recording technology

D. A method of stealing personal information through social media

125 / 128

What are some common types of Open Source Intelligence (OSINT)?

A. Vulnerability databases and the dark web

B. Trade secrets and intellectual property

C. Cyber threat maps and closed source intelligence

D. Vulnerability databases and proprietary systems

126 / 128

What is NOT a common type of Open Source Intelligence (OSINT) as described in the text?

A. Dark Web

B. National Vulnerability Database (NVD)

C. STIX and TAXII standards

D. Insider Trading Reports

127 / 128

What is the main difference between ransomware and cryptomalware?

A. Ransomware locks out users whereas cryptomalware encrypts data

B. Ransomware encrypts data whereas cryptomalware locks out users

C. Ransomware delivers via email whereas cryptomalware does via drive-by downloads

D. Cryptomalware was originally focused on individuals while ransomware aims larger organizations

128 / 128

What is one way to thwart keyloggers as discussed in the text?

A. Using complex passwords

B. Changing passwords regularly

C. Using antivirus software

D. Using two-factor authentication (2FA)

Your score is

Dowload the FREE OFFLINE Version of this Test Bank

Boost your cybersecurity skills! Click to download the CompTIA Security+ Practice Anki deck.

Free CompTIA Security+ Practice:Chapter 6 – Comparing Threats, Vulnerabilities, and Common Attacks

Boost your IT skills with our free CompTIA Security+ practice test focusing on Chapter 06: Comparing Threats, Vulnerabilities, and Common Attacks. Whether you’re entering the IT industry or advancing in cyber security, our resources are here to help you succeed in the CompTIA Exam.

Why Choose Our CompTIA Security+ Practice Test?

Skill Enhancement:

Covers essential knowledge of threats, vulnerabilities, and common attacks crucial for the CompTIA Exam.

Career Advancement:

Passing the CompTIA Security+ exam can open doors to new job opportunities and significant career changes in the IT industry.

Vulnerability Management:

Master the art of identifying and mitigating threats and vulnerabilities, a key skill in cyber security.

Free Anki Deck Download

Download our free Anki Deck, reviewed by industry expert Josh Madakor, who has extensive experience in IT and cyber security, including work with Microsoft and government sectors. Learn more about Anki on the official site.

Get Started with Your IT Career Change Today!

Visit the CompTIA Security+ official site and the CompTIA Network+ official site for more information.

Chapter 06 – Comparing Threats, Vulnerabilities, and Common Attacks

Dowload the FREE OFFLINE Version of this Test Bank

Free CompTIA Security+ Practice:Chapter 6 – Comparing Threats, Vulnerabilities, and Common Attacks

Why Choose Our CompTIA Security+ Practice Test?

Skill Enhancement:

Career Advancement:

Vulnerability Management:

Free Anki Deck Download

Explore our other free practice tests:

Related Posts

The Affordable, Hands-On Josh Madakor IT Course that gets Results!

The Affordable, Hands-On Cyber Security that gets Results!

JOIN OUR

NEWSLETTER