CompTIA Security+ (SY0-601) EXAM |\ |\ |\ |\
WITH ANSWERS |\
Phishing - CORRECT ANSWERS ✔✔A type of social
|\ |\ |\ |\ |\ |\ |\ |\
engineering attack often used to steal user data, |\ |\ |\ |\ |\ |\ |\ |\
including login credentials and credit card numbers.
|\ |\ |\ |\ |\ |\
Smishing - CORRECT ANSWERS ✔✔The act of committing
|\ |\ |\ |\ |\ |\ |\ |\
text message fraud to try to lure victims into revealing
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
account information or installing malware.
|\ |\ |\ |\
Vishing - CORRECT ANSWERS ✔✔An electronic fraud
|\ |\ |\ |\ |\ |\ |\
tactic in which individuals are tricked into revealing
|\ |\ |\ |\ |\ |\ |\ |\
critical financial or personal information to unauthorized
|\ |\ |\ |\ |\ |\ |\
entities.
Spam - CORRECT ANSWERS ✔✔An unsolicited bulk
|\ |\ |\ |\ |\ |\ |\
messages sent to multiple recipients who did not ask for
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
them.
Spam over instant messaging (SPIM) - CORRECT
|\ |\ |\ |\ |\ |\ |\
ANSWERS ✔✔Refers to unsolicited instant messages.
|\ |\ |\ |\ |\
,Spear phishing - CORRECT ANSWERS ✔✔An email or
|\ |\ |\ |\ |\ |\ |\ |\
electronic communications scam targeted towards a|\ |\ |\ |\ |\ |\
specific individual, organization or business.
|\ |\ |\ |\
Dumpster diving - CORRECT ANSWERS ✔✔A technique |\ |\ |\ |\ |\ |\ |\
used to retrieve information that could be used to carry
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
out an attack on a computer network.
|\ |\ |\ |\ |\ |\
Shoulder surfing - CORRECT ANSWERS ✔✔A direct
|\ |\ |\ |\ |\ |\ |\
observation techniques, such as looking over someone's |\ |\ |\ |\ |\ |\ |\
shoulder, to get information. |\ |\ |\
Pharming - CORRECT ANSWERS ✔✔A form of online fraud
|\ |\ |\ |\ |\ |\ |\ |\ |\
involving malicious code and fraudulent websites.
|\ |\ |\ |\ |\
Tailgating - CORRECT ANSWERS ✔✔A physical security
|\ |\ |\ |\ |\ |\ |\
breach in which an unauthorized person follows an
|\ |\ |\ |\ |\ |\ |\ |\
authorized individual to enter a secured premise. |\ |\ |\ |\ |\ |\
Eliciting information - CORRECT ANSWERS ✔✔A reporting
|\ |\ |\ |\ |\ |\ |\
format designed to elicit as much information as possible
|\ |\ |\ |\ |\ |\ |\ |\ |\
about individuals involved in a group or network.
|\ |\ |\ |\ |\ |\ |\
Whaling - CORRECT ANSWERS ✔✔A method used by
|\ |\ |\ |\ |\ |\ |\ |\
cybercriminals to masquerade as a senior player at an |\ |\ |\ |\ |\ |\ |\ |\ |\
,organization and directly target senior individuals, with
|\ |\ |\ |\ |\ |\ |\
the aim of stealing or gaining access to their computer
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
systems for criminal purposes.
|\ |\ |\
Prepending - CORRECT ANSWERS ✔✔A technique used to
|\ |\ |\ |\ |\ |\ |\ |\
deprioritize a route in a netork. |\ |\ |\ |\ |\
Identity fraud - CORRECT ANSWERS ✔✔A crime in which
|\ |\ |\ |\ |\ |\ |\ |\ |\
an imposter obtains key pieces of personally identifiable
|\ |\ |\ |\ |\ |\ |\ |\
information (PII) to impersonate someone else.
|\ |\ |\ |\ |\
Invoice scams - CORRECT ANSWERS ✔✔A fraudulent way
|\ |\ |\ |\ |\ |\ |\ |\
of receiving money or by prompting a victim to put their
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
credentials into a fake login screen. |\ |\ |\ |\ |\
Credential harvesting - CORRECT ANSWERS ✔✔The
|\ |\ |\ |\ |\ |\
process of gathering valid usernames, passwords, private
|\ |\ |\ |\ |\ |\ |\
emails, and email addresses through infrastructure
|\ |\ |\ |\ |\ |\
breaches.
Reconnaissance - CORRECT ANSWERS ✔✔A term for |\ |\ |\ |\ |\ |\ |\
testing for potential vulnerabilities in a computer
|\ |\ |\ |\ |\ |\ |\
network.
, Hoax - CORRECT ANSWERS ✔✔A message warning the
|\ |\ |\ |\ |\ |\ |\ |\
recipients of a non-existent computer virus threat.
|\ |\ |\ |\ |\ |\
Impersonation - CORRECT ANSWERS ✔✔A form of fraud in |\ |\ |\ |\ |\ |\ |\ |\
which attackers pose as a known or trusted person to
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
dupe an employee into transferring money to a
|\ |\ |\ |\ |\ |\ |\ |\
fraudulent account, sharing sensitive information or
|\ |\ |\ |\ |\ |\
revealing login credentials. |\ |\
Watering hole attack - CORRECT ANSWERS ✔✔A targeted
|\ |\ |\ |\ |\ |\ |\ |\
attack designed to compromise users within a specific
|\ |\ |\ |\ |\ |\ |\ |\
industry by infecting websites they typically visit and
|\ |\ |\ |\ |\ |\ |\ |\
luring them to a malicious site.
|\ |\ |\ |\ |\
Typosquatting - CORRECT ANSWERS ✔✔A form of |\ |\ |\ |\ |\ |\ |\
cybersquatting which relies on mistakes such as typos |\ |\ |\ |\ |\ |\ |\ |\
made by Internet users when inputting a website address
|\ |\ |\ |\ |\ |\ |\ |\ |\
into a web browser.
|\ |\ |\
Pretexting - CORRECT ANSWERS ✔✔A form of social
|\ |\ |\ |\ |\ |\ |\ |\
engineering in which an individual lies to obtain privileged
|\ |\ |\ |\ |\ |\ |\ |\
data.
|\
Social media - CORRECT ANSWERS ✔✔A computer-based
|\ |\ |\ |\ |\ |\ |\
technology that allows the sharing of ideas, thoughts, and
|\ |\ |\ |\ |\ |\ |\ |\
information through the building of virtual networks.
|\ |\ |\ |\ |\ |\ |\
WITH ANSWERS |\
Phishing - CORRECT ANSWERS ✔✔A type of social
|\ |\ |\ |\ |\ |\ |\ |\
engineering attack often used to steal user data, |\ |\ |\ |\ |\ |\ |\ |\
including login credentials and credit card numbers.
|\ |\ |\ |\ |\ |\
Smishing - CORRECT ANSWERS ✔✔The act of committing
|\ |\ |\ |\ |\ |\ |\ |\
text message fraud to try to lure victims into revealing
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
account information or installing malware.
|\ |\ |\ |\
Vishing - CORRECT ANSWERS ✔✔An electronic fraud
|\ |\ |\ |\ |\ |\ |\
tactic in which individuals are tricked into revealing
|\ |\ |\ |\ |\ |\ |\ |\
critical financial or personal information to unauthorized
|\ |\ |\ |\ |\ |\ |\
entities.
Spam - CORRECT ANSWERS ✔✔An unsolicited bulk
|\ |\ |\ |\ |\ |\ |\
messages sent to multiple recipients who did not ask for
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
them.
Spam over instant messaging (SPIM) - CORRECT
|\ |\ |\ |\ |\ |\ |\
ANSWERS ✔✔Refers to unsolicited instant messages.
|\ |\ |\ |\ |\
,Spear phishing - CORRECT ANSWERS ✔✔An email or
|\ |\ |\ |\ |\ |\ |\ |\
electronic communications scam targeted towards a|\ |\ |\ |\ |\ |\
specific individual, organization or business.
|\ |\ |\ |\
Dumpster diving - CORRECT ANSWERS ✔✔A technique |\ |\ |\ |\ |\ |\ |\
used to retrieve information that could be used to carry
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
out an attack on a computer network.
|\ |\ |\ |\ |\ |\
Shoulder surfing - CORRECT ANSWERS ✔✔A direct
|\ |\ |\ |\ |\ |\ |\
observation techniques, such as looking over someone's |\ |\ |\ |\ |\ |\ |\
shoulder, to get information. |\ |\ |\
Pharming - CORRECT ANSWERS ✔✔A form of online fraud
|\ |\ |\ |\ |\ |\ |\ |\ |\
involving malicious code and fraudulent websites.
|\ |\ |\ |\ |\
Tailgating - CORRECT ANSWERS ✔✔A physical security
|\ |\ |\ |\ |\ |\ |\
breach in which an unauthorized person follows an
|\ |\ |\ |\ |\ |\ |\ |\
authorized individual to enter a secured premise. |\ |\ |\ |\ |\ |\
Eliciting information - CORRECT ANSWERS ✔✔A reporting
|\ |\ |\ |\ |\ |\ |\
format designed to elicit as much information as possible
|\ |\ |\ |\ |\ |\ |\ |\ |\
about individuals involved in a group or network.
|\ |\ |\ |\ |\ |\ |\
Whaling - CORRECT ANSWERS ✔✔A method used by
|\ |\ |\ |\ |\ |\ |\ |\
cybercriminals to masquerade as a senior player at an |\ |\ |\ |\ |\ |\ |\ |\ |\
,organization and directly target senior individuals, with
|\ |\ |\ |\ |\ |\ |\
the aim of stealing or gaining access to their computer
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
systems for criminal purposes.
|\ |\ |\
Prepending - CORRECT ANSWERS ✔✔A technique used to
|\ |\ |\ |\ |\ |\ |\ |\
deprioritize a route in a netork. |\ |\ |\ |\ |\
Identity fraud - CORRECT ANSWERS ✔✔A crime in which
|\ |\ |\ |\ |\ |\ |\ |\ |\
an imposter obtains key pieces of personally identifiable
|\ |\ |\ |\ |\ |\ |\ |\
information (PII) to impersonate someone else.
|\ |\ |\ |\ |\
Invoice scams - CORRECT ANSWERS ✔✔A fraudulent way
|\ |\ |\ |\ |\ |\ |\ |\
of receiving money or by prompting a victim to put their
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
credentials into a fake login screen. |\ |\ |\ |\ |\
Credential harvesting - CORRECT ANSWERS ✔✔The
|\ |\ |\ |\ |\ |\
process of gathering valid usernames, passwords, private
|\ |\ |\ |\ |\ |\ |\
emails, and email addresses through infrastructure
|\ |\ |\ |\ |\ |\
breaches.
Reconnaissance - CORRECT ANSWERS ✔✔A term for |\ |\ |\ |\ |\ |\ |\
testing for potential vulnerabilities in a computer
|\ |\ |\ |\ |\ |\ |\
network.
, Hoax - CORRECT ANSWERS ✔✔A message warning the
|\ |\ |\ |\ |\ |\ |\ |\
recipients of a non-existent computer virus threat.
|\ |\ |\ |\ |\ |\
Impersonation - CORRECT ANSWERS ✔✔A form of fraud in |\ |\ |\ |\ |\ |\ |\ |\
which attackers pose as a known or trusted person to
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
dupe an employee into transferring money to a
|\ |\ |\ |\ |\ |\ |\ |\
fraudulent account, sharing sensitive information or
|\ |\ |\ |\ |\ |\
revealing login credentials. |\ |\
Watering hole attack - CORRECT ANSWERS ✔✔A targeted
|\ |\ |\ |\ |\ |\ |\ |\
attack designed to compromise users within a specific
|\ |\ |\ |\ |\ |\ |\ |\
industry by infecting websites they typically visit and
|\ |\ |\ |\ |\ |\ |\ |\
luring them to a malicious site.
|\ |\ |\ |\ |\
Typosquatting - CORRECT ANSWERS ✔✔A form of |\ |\ |\ |\ |\ |\ |\
cybersquatting which relies on mistakes such as typos |\ |\ |\ |\ |\ |\ |\ |\
made by Internet users when inputting a website address
|\ |\ |\ |\ |\ |\ |\ |\ |\
into a web browser.
|\ |\ |\
Pretexting - CORRECT ANSWERS ✔✔A form of social
|\ |\ |\ |\ |\ |\ |\ |\
engineering in which an individual lies to obtain privileged
|\ |\ |\ |\ |\ |\ |\ |\
data.
|\
Social media - CORRECT ANSWERS ✔✔A computer-based
|\ |\ |\ |\ |\ |\ |\
technology that allows the sharing of ideas, thoughts, and
|\ |\ |\ |\ |\ |\ |\ |\
information through the building of virtual networks.
|\ |\ |\ |\ |\ |\ |\
