Threats, Vulnerabilities, and Mitigations
Assessment
A security analyst is investigating a security breach in a network system that involves
unauthorized access to user credentials and reusing them multiple times. What is the
MOST likely type of attack that has occurred?
Golden ticket attacks
Pass the ticket attacks
Buffer overflow attacks
Credential replay - ✔✔ - not B, prob
D. Credential replay
What technique does the threat actor use in a Bluetooth network attack to transmit
malicious files to a user's device?
Physically stealing a PC or laptop to execute the attack
Spoofing a trusted access point to gain unauthorized access
Obtaining credentials for remote access to the network
Exploiting vulnerabilities or misconfigurations in the Bluetooth protocol - ✔✔ - D.
Exploiting vulnerabilities or misconfigurations in the Bluetooth protocol
A recent cyberattack led to massive disruptions in a country's power grid, causing
widespread blackouts and significant economic and social damage. The country's cyber
team traced the attack to a hostile nation-state's cyber warfare division. In this case,
what is the primary motivation of the perpetrators?
War
Financial gain
Ethical concerns
Levels of sophistication/capability - ✔✔ - A. War
A large corporation is assessing its cybersecurity practices by focusing on potential
security risks linked to hardware and firmware within the company's extensive network
of computer systems. For the IT department, which of the following strategies MOST
effectively mitigates the risks related to hardware and firmware security vulnerabilities?
Allow unrestricted hardware modifications for all employees.
Regularly update firmware to the latest, most secure versions.
Restrict all software updates to once a year to minimize disruptions.
Rely solely on perimeter defenses, like firewalls and intrusion detection systems. - ✔✔ -
B. Regularly update firmware to the latest, most secure versions.
A system administrator is upgrading a company's network security infrastructure and
notices several legacy machines running end-of-life operating systems (OS). These
machines are no longer upgradeable as the developer has stopped issuing security
patches and updates. However, the machines are still necessary for certain critical
tasks. What is the system administrator's MOST effective course of action to reduce
potential security vulnerabilities caused by these legacy machines running end-of-life
operating systems?
Replace the legacy machines with modern machines.
Upgrade the software to make it compatible with a modern OS.
Isolate the legacy machines on a separate network segment.
Disable all network connections on the legacy machines. - ✔✔ - C. Isolate the legacy
machines on a separate network segment.
A cyber team is explaining to board members the concepts of sideloading and
jailbreaking as they pertain to mobile device security. The team aims to clarify the
practices and their implications. When discussing sideloading, what should the team
emphasize as the two primary characteristics of this practice? (Select the two best
options.)
It is a method used to gain elevated privileges and access to system files on mobile
devices.
It allows users to bypass restrictions implemented by Apple.
It refers to the installation of applications from sources other than the official application
store of the platform.