COMPTIA SECURITY+ CERTIFICATION PRACTICE TEST 9&10|UPDATED&VERIFIED|100% SOLVED|GUARANTEED SUCCESS
The practice of gaining unauthorized access to a Bluetooth device is referred to as:
Answer: Bluesnarfing

What is war chalking?
Answer: Marking unsecured wireless networks

Which of the following answers refers to an attack aimed at exploiting the vulnerability of WEP?
Answer: Smurf attack

Which of the following technologies simplifies configuration of new wireless networks by providing non-technical users with a capability to easily configure network security settings and add new devices to an existing network?
Answer: WPS

Which of the following answers refers to a Wi-Fi Protected Setup (WPS) exploit?
Answer: PIN recovery

Which of the following wireless security features are not recommended and should be disabled due to their known vulnerabilities?
Answer: WPS, WEP

Which of the following actions allows an attacker to exploit the XSS vulnerability?
Answer: Code injection

Which of the following answers lists a common target of cross-site scripting?
Answer: Dynamic web pages

Which of the following answers refers to a countermeasure against code injection?
Answer: Input validation

Which of the following answers refers to an HTTP exploit which allows attackers to access restricted directories and execute commands outside of the web server's root directory?
Answer: Directory traversal attack

A temporary area of memory allocated with a fixed size for holding data while it's waiting to be transferred to another location is called:
Answer: Buffer

A type of attack aimed at exploiting a vulnerability that is present in already released software but unknown to the software developer is known as:
Answer: Zero-day attack

Which of the following acronyms refers to flash cookies?
Answer: LSO

Which of the following exploits relies on overwriting the contents of memory in order to cause unpredictable results in an application?
Answer: Buffer overflow

Which of the following answers lists a term used to describe the process of securing a computer system?
Answer: Hardening

Which of the following security control types fall(s) into the category of detection controls?
Answer: IDS, Surveillance camera

The process of OS hardening involves:
Answer: Disabling unnecessary services, Password protection, Disabling unnecessary accounts

Which of the following security control types fall(s) into the category of preventative controls?
Answer: IPS, Security guard

A monitored host specifically designed to detect unauthorized access attempts is known as:
Answer: Honeypot

Penetration testing:
Answer: Bypasses security controls, Actively tests security controls, Exploits vulnerabilities

Penetration test with the full prior knowledge on how the system that is to be tested works is known as:
Answer: White box

Finding a vulnerability in an application by feeding it incorrect input is known as:
Answer: Fuzzing

Which of the following programming aspects are critical in the secure application development process?
Answer: Input validation, Error and exception handling

A system containing no valuable data used to divert the attacker's attention from the corporate network is known as:
Answer: Honeypot

Which of the following answers refers to a user interface element on mobile devices controlling access to a device after the device is switched on?
Answer: Screen lock

Which of the following answers refers to a privacy-related security risk connected with public sharing of pictures taken with smartphones?
Answer: Embedded geotag

Which of the following acronyms refers to a policy of permitting employees to bring personally owned mobile devices and to use those devices to access privileged company information and applications?
Answer: BYOD

The term Trusted OS refers to an operating system:
Answer: With enhanced security features

A file-based representation of the state of a virtual machine at a given time is called:
Answer: Snapshot

In computer security, a mechanism for safe execution of untested code or untrusted applications is referred to as:
Answer: Sandbox

School, study and subject
- Institution
- COMPTIA SECURITY+ CERTIFICATION
- Course
- COMPTIA SECURITY+ CERTIFICATION
Document information
- Uploaded on
- July 25, 2023
- Number of pages
- 6
- Written in
- 2022/2023
- Type
- Exam
- Contains
- Questions and answers