VULNERABILITIES, AND MITIGATIONS ASSESSMENT
A security analyst is investigating a security breach in a network system that
involves unauthorized access to user credentials and reusing them multiple
times. What is the MOST likely type of attack that has occurred?
Golden ticket attacks
Pass the ticket attacks
Buffer overflow attacks
Credential replay - ANSWER-not B, prob
D. Credential replay
What technique does the threat actor use in a Bluetooth network attack to
transmit malicious files to a user's device?
Physically stealing a PC or laptop to execute the attack
Spoofing a trusted access point to gain unauthorized access
Obtaining credentials for remote access to the network
Exploiting vulnerabilities or misconfigurations in the Bluetooth protocol -
ANSWER-D. Exploiting vulnerabilities or misconfigurations in the Bluetooth
protocol
A recent cyberattack led to massive disruptions in a country's power grid,
causing widespread blackouts and significant economic and social damage. The
country's cyber team traced the attack to a hostile nation-state's cyber warfare
division. In this case, what is the primary motivation of the perpetrators?
War
Financial gain
Ethical concerns
Levels of sophistication/capability - ANSWER-A. War
A large corporation is assessing its cybersecurity practices by focusing on
potential security risks linked to hardware and firmware within the company's
extensive network of computer systems. For the IT department, which of the
following strategies MOST effectively mitigates the risks related to hardware and
firmware security vulnerabilities?
Allow unrestricted hardware modifications for all employees.
Regularly update firmware to the latest, most secure versions.
Restrict all software updates to once a year to minimize disruptions.
Rely solely on perimeter defenses, like firewalls and intrusion detection systems.
- ANSWER-B. Regularly update firmware to the latest, most secure versions.
A system administrator is upgrading a company's network security infrastructure
and notices several legacy machines running end-of-life operating systems (OS).
These machines are no longer upgradeable as the developer has stopped issuing
security patches and updates. However, the machines are still necessary for
certain critical tasks. What is the system administrator's MOST effective course
of action to reduce potential security vulnerabilities caused by these legacy
machines running end-of-life operating systems?
Replace the legacy machines with modern machines.
Upgrade the software to make it compatible with a modern OS.
Isolate the legacy machines on a separate network segment.
Disable all network connections on the legacy machines. - ANSWER-C. Isolate
the legacy machines on a separate network segment.
A cyber team is explaining to board members the concepts of sideloading and
jailbreaking as they pertain to mobile device security. The team aims to clarify
the practices and their implications. When discussing sideloading, what should
the team emphasize as the two primary characteristics of this practice? (Select
the two best options.)
It is a method used to gain elevated privileges and access to system files on
mobile devices.
It allows users to bypass restrictions implemented by Apple.
It refers to the installation of applications from sources other than the official
application store of the platform.
It does not undergo the same scrutiny and vetting process as those on official
application stores. - ANSWER-Not A. It is a method used to gain elevated
privileges and access to system files on mobile devices.
possibly D. It does not undergo the same scrutiny and vetting process as those
on official application stores.