SEC+ CERTMASTER CE EXAM
REVIEW QUESTIONS WITH
CORRECT DETAILED ANSWERS
Revealing database server configuration -Answer-A web application's code prevents the
output of any type of information when an error occurs during a request. The
development team cited security reasons as to why they developed the application in
this way. What sort of security issues did the team have concerns about in this case?
Replay attack -Answer-An intruder monitors an admin's unsecure connection to a server
and finds some required data, like a cookie file, that legitimately establishes a session
with a web server. What type of attack can the intruder perform with the cookie file?
Server-side request forgery -Answer-An attacker submitted a modified uniform resource
locator (URL) link to a website that eventually established connections to back-end
databases and exposed internal service configurations. The attacker did not hijack a
user to perform this attack. This describes which of the following types of attacks?
Cross-site Request Forgery (XSRF) -Answer-An attacker modified the HTML code of a
legitimate password-change web form, then hosted the .html file on the attacker's web
server. The attacker then emailed a URL link of the hosted file to a real user of the web
page. Once the user clicked the link, it changed the user's password to a value the
attacker set. Based on this information, what type of attack is the website vulnerable to?
-Key discovery
-Improper error handling -Answer-The latest web application, using default settings, is
currently accepting application programming interface (API) calls over HyperText
Transfer Protocol (HTTP). The environment has a moderate key management system.
Even with basic server security, the API connection is vulnerable to which of the
following? (Select all that apply.)
-Resource exhaustion
-Denial of service (DoS)
-more answers -Answer-Which of the following conditions are results of a SYN
(synchronize) flood attack? (Select all that apply.)
A shim -Answer-By compromising a Windows XP application that ran on a Windows 10
machine, an attacker installed persistent malware on a victim computer with local
administrator privileges. What should the attacker add to the registry, along with its files
added to the system folder, to execute this malware?
, Refactoring -Answer-Through what method can malware evade antivirus software
detection, so that the software no longer identifies the malware by its signature?
-A pass-the-hash attack
-A replay attack -Answer-A security engineer implemented once-only tokens and
timestamping sessions. What type of attacks can this type of security prevent? (Select
all that apply.)
A rogue access point (AP) -Answer-A security analyst's scans and network logs show
that unauthorized devices are connecting to the network. The analyst discovers a
tethered smartphone acting as a connection point to the network. Which behavior
describes the smartphone's role?
Bluesnarfing -Answer-An attacker used an exploit to steal information from a mobile
device, which allowed the attacker to circumvent the authentication process. Which of
the following attacks was used to exploit the mobile device?
-Disable the offending radio source.
-Boost the signal of the legitimate equipment. -Answer-An attacker used an illegal
access point (AP) with a very strong signal near a wireless network. If the attacker
performed a jamming attack, which of the following would mitigate this type of network
disruption? (Select all that apply.)
IV attacks -Answer-Wi-Fi Protected Access (WPA) fixes critical vulnerabilities in the
earlier wired equivalent privacy (WEP) standard. Understanding that WPA uses a
combination of an RC4 stream cipher and Temporal Key Integrity Protocol (TKIP), this
makes a wireless access point NOT vulnerable to which of the following attacks when
related to encrypted wireless packets?
A Man-in-the-Middle attack -Answer-A malicious user sniffed credentials exchanged
between two computers by intercepting communications between them. What type of
attack did the attacker execute?
Domain Name System (DNS) client cache poisoning -Answer-A hacker corrupted the
name:IP records held on the HOSTS file on a client, to divert traffic for a legitimate
domain to a malicious IP address. What type of attack did the hacker perform?
-Domain reputation
-URL redirections -Answer-External hackers have some access to a company's website
and made some changes. Customers have submitted multiple complaints via email for
wrong orders and inappropriate images on the website. The Chief Information Officer
(CIO) is now worried about the distribution of malware. The company should prepare for
which of the following other issues or concerns? (Select all that apply.)
Network -Answer-A low level distributed denial of service (DDoS) attack that involves
SYN or SYN/ACK flooding describes what type of attack?
REVIEW QUESTIONS WITH
CORRECT DETAILED ANSWERS
Revealing database server configuration -Answer-A web application's code prevents the
output of any type of information when an error occurs during a request. The
development team cited security reasons as to why they developed the application in
this way. What sort of security issues did the team have concerns about in this case?
Replay attack -Answer-An intruder monitors an admin's unsecure connection to a server
and finds some required data, like a cookie file, that legitimately establishes a session
with a web server. What type of attack can the intruder perform with the cookie file?
Server-side request forgery -Answer-An attacker submitted a modified uniform resource
locator (URL) link to a website that eventually established connections to back-end
databases and exposed internal service configurations. The attacker did not hijack a
user to perform this attack. This describes which of the following types of attacks?
Cross-site Request Forgery (XSRF) -Answer-An attacker modified the HTML code of a
legitimate password-change web form, then hosted the .html file on the attacker's web
server. The attacker then emailed a URL link of the hosted file to a real user of the web
page. Once the user clicked the link, it changed the user's password to a value the
attacker set. Based on this information, what type of attack is the website vulnerable to?
-Key discovery
-Improper error handling -Answer-The latest web application, using default settings, is
currently accepting application programming interface (API) calls over HyperText
Transfer Protocol (HTTP). The environment has a moderate key management system.
Even with basic server security, the API connection is vulnerable to which of the
following? (Select all that apply.)
-Resource exhaustion
-Denial of service (DoS)
-more answers -Answer-Which of the following conditions are results of a SYN
(synchronize) flood attack? (Select all that apply.)
A shim -Answer-By compromising a Windows XP application that ran on a Windows 10
machine, an attacker installed persistent malware on a victim computer with local
administrator privileges. What should the attacker add to the registry, along with its files
added to the system folder, to execute this malware?
, Refactoring -Answer-Through what method can malware evade antivirus software
detection, so that the software no longer identifies the malware by its signature?
-A pass-the-hash attack
-A replay attack -Answer-A security engineer implemented once-only tokens and
timestamping sessions. What type of attacks can this type of security prevent? (Select
all that apply.)
A rogue access point (AP) -Answer-A security analyst's scans and network logs show
that unauthorized devices are connecting to the network. The analyst discovers a
tethered smartphone acting as a connection point to the network. Which behavior
describes the smartphone's role?
Bluesnarfing -Answer-An attacker used an exploit to steal information from a mobile
device, which allowed the attacker to circumvent the authentication process. Which of
the following attacks was used to exploit the mobile device?
-Disable the offending radio source.
-Boost the signal of the legitimate equipment. -Answer-An attacker used an illegal
access point (AP) with a very strong signal near a wireless network. If the attacker
performed a jamming attack, which of the following would mitigate this type of network
disruption? (Select all that apply.)
IV attacks -Answer-Wi-Fi Protected Access (WPA) fixes critical vulnerabilities in the
earlier wired equivalent privacy (WEP) standard. Understanding that WPA uses a
combination of an RC4 stream cipher and Temporal Key Integrity Protocol (TKIP), this
makes a wireless access point NOT vulnerable to which of the following attacks when
related to encrypted wireless packets?
A Man-in-the-Middle attack -Answer-A malicious user sniffed credentials exchanged
between two computers by intercepting communications between them. What type of
attack did the attacker execute?
Domain Name System (DNS) client cache poisoning -Answer-A hacker corrupted the
name:IP records held on the HOSTS file on a client, to divert traffic for a legitimate
domain to a malicious IP address. What type of attack did the hacker perform?
-Domain reputation
-URL redirections -Answer-External hackers have some access to a company's website
and made some changes. Customers have submitted multiple complaints via email for
wrong orders and inappropriate images on the website. The Chief Information Officer
(CIO) is now worried about the distribution of malware. The company should prepare for
which of the following other issues or concerns? (Select all that apply.)
Network -Answer-A low level distributed denial of service (DDoS) attack that involves
SYN or SYN/ACK flooding describes what type of attack?
