Comptia Certmaster CE Security+ Domain 2.0 Threats,
Vulnerabilities, And Mitigations Assessment Study
Guide & Real Exam Question with Verified Answers |
Instant Digital Access
During a cybersecurity attack, how would a threat actor use image files as a lure to target a
vulnerability in a browser or document editing software? - SELECTED ANSWER 👀 *** A
.The threat actor conceals exploit code within an image file that targets a vulnerability in the
browser or document editing software.
The security team at a tech company receives a notification regarding a sudden increase in
the number of system logs generated. The system is generating logs at unusual times
outside regular business hours. The company follows a well-documented security protocol.
What does the sudden increase in the logging activity indicate? - SELECTED ANSWER 👀
*** B. Out-of-cycle logging
An employee of a tech firm decides to leak confidential information to the public, revealing
that the firm has been engaging in questionable privacy practices. The employee does not
seek to profit from this action but believes the public has a right to know. What primarily
motivates this type of threat actor? - SELECTED ANSWER 👀 *** A. Ethical concerns
A threat actor can infiltrate an organization's network and silently extract sensitive
proprietary data without detection. The data has a high value on the black market. Which
motivations BEST align with this threat actor's likely objective? - SELECTED ANSWER 👀
*** B. Data exfiltration
A recent cyberattack led to massive disruptions in a country's power grid, causing
widespread blackouts and significant economic and social damage. The country's cyber
, team traced the attack to a hostile nation-state's cyber warfare division. In this case, what is
the primary motivation of the perpetrators? - SELECTED ANSWER 👀 *** A. War
A threat actor gains physical access to an organization's premises and attempts to
perpetrate an attack on the wired network. What specific threat vectors associated with
unsecured networks are likely used by the threat actor in this scenario? - SELECTED
ANSWER 👀 *** B. Direct access
During a regular workday, a network administrator notices multiple users report their inability
to access certain resources within the network. The affected resources are either websites
or documents that were previously accessible. What could be causing this unusual
behavior? - SELECTED ANSWER 👀 *** B. Network congestion (incorrect)
C. Blocked content
D. Server downtime (incorrect)
The cybersecurity team at a large company has recently uncovered evidence of a
successful malicious cryptographic attack on their data servers facilitated by a
misconfiguration in the cryptographic systems. What is the MOST appropriate initial
response that the team should employ to address this critical security issue? - SELECTED
ANSWER 👀 *** B. Correct the misconfiguration, implementing secure cryptographic
controls.
What technique does the threat actor use in a Bluetooth network attack to transmit
malicious files to a user's device? - SELECTED ANSWER 👀 *** D. Exploiting
vulnerabilities or misconfigurations in the Bluetooth protocol
A prominent multinational corporation has experienced an unexpected spike in unauthorized
network traffic aimed at its web servers. Upon investigation, the corporation discovered that
the goal of this traffic was to disrupt its online services rather than gain unauthorized access
or steal data. The attack started shortly after the corporation made a controversial policy
Vulnerabilities, And Mitigations Assessment Study
Guide & Real Exam Question with Verified Answers |
Instant Digital Access
During a cybersecurity attack, how would a threat actor use image files as a lure to target a
vulnerability in a browser or document editing software? - SELECTED ANSWER 👀 *** A
.The threat actor conceals exploit code within an image file that targets a vulnerability in the
browser or document editing software.
The security team at a tech company receives a notification regarding a sudden increase in
the number of system logs generated. The system is generating logs at unusual times
outside regular business hours. The company follows a well-documented security protocol.
What does the sudden increase in the logging activity indicate? - SELECTED ANSWER 👀
*** B. Out-of-cycle logging
An employee of a tech firm decides to leak confidential information to the public, revealing
that the firm has been engaging in questionable privacy practices. The employee does not
seek to profit from this action but believes the public has a right to know. What primarily
motivates this type of threat actor? - SELECTED ANSWER 👀 *** A. Ethical concerns
A threat actor can infiltrate an organization's network and silently extract sensitive
proprietary data without detection. The data has a high value on the black market. Which
motivations BEST align with this threat actor's likely objective? - SELECTED ANSWER 👀
*** B. Data exfiltration
A recent cyberattack led to massive disruptions in a country's power grid, causing
widespread blackouts and significant economic and social damage. The country's cyber
, team traced the attack to a hostile nation-state's cyber warfare division. In this case, what is
the primary motivation of the perpetrators? - SELECTED ANSWER 👀 *** A. War
A threat actor gains physical access to an organization's premises and attempts to
perpetrate an attack on the wired network. What specific threat vectors associated with
unsecured networks are likely used by the threat actor in this scenario? - SELECTED
ANSWER 👀 *** B. Direct access
During a regular workday, a network administrator notices multiple users report their inability
to access certain resources within the network. The affected resources are either websites
or documents that were previously accessible. What could be causing this unusual
behavior? - SELECTED ANSWER 👀 *** B. Network congestion (incorrect)
C. Blocked content
D. Server downtime (incorrect)
The cybersecurity team at a large company has recently uncovered evidence of a
successful malicious cryptographic attack on their data servers facilitated by a
misconfiguration in the cryptographic systems. What is the MOST appropriate initial
response that the team should employ to address this critical security issue? - SELECTED
ANSWER 👀 *** B. Correct the misconfiguration, implementing secure cryptographic
controls.
What technique does the threat actor use in a Bluetooth network attack to transmit
malicious files to a user's device? - SELECTED ANSWER 👀 *** D. Exploiting
vulnerabilities or misconfigurations in the Bluetooth protocol
A prominent multinational corporation has experienced an unexpected spike in unauthorized
network traffic aimed at its web servers. Upon investigation, the corporation discovered that
the goal of this traffic was to disrupt its online services rather than gain unauthorized access
or steal data. The attack started shortly after the corporation made a controversial policy
