CompTIA Security+ SYO-601 Post-Assessment Quiz Review - [Network Security] 90 Questions and Answers(A+ Solution guide)

Typically, certain employees of an organization get texts that update them on various IT activities. If there is a support ticket or downtime, they will receive texts to let them know about the activity. They have started to receive some messages via text instructing them to call the IT help desk at the provided number. When they call the help desk number, a recording asks them for their employee ID. Assuming that the IT department did not send those texts, which of the following social engineering attacks is this? - a. Smishing Which of the following social engineering attacks continues to be a primary weapon used by threat actors? - c. Phishing David, a software engineer, recently bought a brand new laptop because his enterprise follows the BYOD (bring your own device) model. David was part of a software development project where the software code was leaked before its release. Further investigation proved that a vulnerability in David's laptop caused the exposure. David insists he never used the laptop to access any network or integrate any devices, and the laptop was kept in a vault while not in use. Which of the following attack vectors was used by the threat actor? - c. Supply chain Which category of cybersecurity vulnerability is exploited by attackers before anyone else knows about it? - c. Zero day The company that developed the office productivity software used on both static and mobile devices by your organization has audited some code and noticed a potential security issue. To address the issue, they have released and automatically scheduled an update to ensure that all users receive it. Which of the following might still be vulnerable after the patch? - c. Firmware Which of the following types of hackers are strongly motivated by ideology? -c. HacktivistsWhich part of the NIST Cybersecurity frameworks defines the activities needed to attain the different cybersecurity results? - b. Framework core Which type of vulnerability scan mimics the work of a threat actor who has already exploited a vulnerability and compromised credentials to access the network? - b. Credentialed scan John is appointed as a vulnerability assessment engineer in a financial organization. An audit report published by a third-party auditing firm revealed that most of the web servers have cross-site scripting and XML entity injection vulnerabilities. John has been told to perform a vulnerability assessment on these servers to verify if the audit report is valid. He is also told that he should not attempt to engage or exploit any vulnerabilities. By applying his knowledge of vulnerability assessment concepts, which type of vulnerability scanning should John use? - d. Credentialed Quinton has been asked to analyze the TTPs of an attack that recently occurred and prepare an SOP to hunt for future treats. When researching the recent attack, Quinton discovered that after penetrating the system, the threat actor moved through the network using elevated credentials. Which technique was the threat actor using to move through the network? - b. Lateral movement Meta is a penetration testing engineer assigned to pen test the security firm's network. So far, she cannot tunnel through the network looking for additional systems accessible through advanced privileges. What should Meta do to gain repeated and long-term access to the system in the future? - b. Perform backdoor installation Shaun is an external penetration testing consultant. The Chief Information Security Officer (CISO) of the organization he is working with indicated that none of the internal higher management executives should receive any kind of spear-phishing emails during Shaun's testing. Which part of the rules of engagement would cover this limitation? - b. Internal targets