SY0-401:3 TS Quiz Threats and Vulnerabilities study guide 2022
2 views 0 purchase
Course
SY0-401:3 TS
Institution
SY0-401:3 TS
SY0-401:3 TS Quiz Threats and Vulnerabilities study guide 2022 "Bob manages the sales department. Most of his sales representatives travel among several client sites. He wants to enable these sales representatives to check the shipping status of their orders online. This information currently resid...
sy0 4013 ts quiz threats and vulnerabilities study guide 2022
bob manages the sales department most of his sales representatives travel among several client sites he wants to enable these sales
Written for
SY0-401:3 TS
All documents for this subject (3)
Seller
Follow
EvaTee
Reviews received
Content preview
SY0-401:3 TS Quiz Threats and
Vulnerabilities
"Bob manages the sales department. Most of his sales representatives travel among
several client sites. He wants to enable these sales representatives to check the
shipping status of their orders online. This information currently resides on the company
intranet, but it is not accessible to anyone outside the company firewall. Bob has asked
you to make the information available to traveling sales representatives. You decide to
create an extranet to allow these employees to view their customers' order status and
history.
Which technique could you use to secure communications between network segments
sending order-status data via the Internet?
VPN
VLAN
Extranet
Certificate server" - Answer "
Answer:
VPN
Explanation:
A virtual private network (VPN) is not a physical network. In a VPN, a public network,
such as the Internet, is used to allow secure communication between companies that
are not located together or between private networks. A VPN transports encrypted data.
A Virtual LAN (VLAN) allows networks to be segmented logically without physically
rewiring the network. A VLAN is an excellent way to provide an added layer of security
by isolating resources into separate subnets. If a small company purchases an all-in-
one wireless router/switch and has two Web servers, and it needs to protect from
access by BYOD, you could create a server VLAN and place an ACL on the Web
servers.
An extranet enables two or more companies to share information and resources. While
an extranet should be configured to provide the shared data, an extranet is only a Web
page. It is not actually responsible for data transmission. An extranet has a wider
boundary than an intranet.
A certificate server provides certificate services to users. Certificates are used to verify
user identity and protect data communication.
VPNs use what is known as a tunneling protocol for the secure transfer of data using
the Internet. A common tunneling protocol for this purpose is Point-to-Point Tunneling
Protocol (PPTP). The term ""tunnel"" refers to how the information is privately sent. Data
being sent is encapsulated into what are called network packets. Packets are encrypted
from where they originate before they are sent via the Internet. The information travels
,SY0-401:3 TS Quiz Threats and
Vulnerabilities
in an encrypted, or non-readable, form. Once the information arrives at its destination, it
is then decrypted.
By using a VPN, a company avoids the expense of leased lines for secure
communication, but instead can use public networks to transfer data in a secure way.
Client computers can connect to the VPN by dial-up, DSL, ISDN, or cable modems.
An intranet is a local area network (LAN) add-on that is restricted to certain users,
usually a company's employees. The data contained on it is usually private in nature."
Match the descriptions on the left with the malware types on the right. - Answer
"Explanation:
The malware types should be matched with the descriptions in the following manner:
Backdoor - a developer hook in a system or application that allows developers to
circumvent normal authentication
Logic bomb - a program that executes when a certain predefined event occurs
Spyware - a program that monitors and tracks user activities
Trojan horse - a program that infects a system under the guise of another legitimate
program
"
"To which type of attack are password files stored on a server vulnerable?
a dictionary attack
a SYN flood attack
a side channel attack
a Denial of Service (DoS) attack
" - Answer "Explanation:
A dictionary attack is based on the attacker's efforts to determine the decryption key to
defeat a cipher. This attack uses words from the dictionary and typically succeeds
because many users choose passwords from a dictionary that are easy to remember.
Therefore, the dictionary attack is a part of cryptanalysis. One-way encryption or one-
way hashing protects against reading or modifying the password file, but an intruder can
launch a dictionary attack after capturing the password file.
A SYN flood attack is a Denial of Service (DoS) technique. The attacker sends multiple
SYN packets to a target machine from a spoofed source IP address. The victim
machine responds to the service requests by replying with an acknowledgement (SYN-
ACK) and allocating resources to the spoofed source IP address. The target machine
runs out of resources, and the requests from legitimate users are denied.
In a side channel attack, the attacker gains information regarding the encryption
algorithms running in the cryptosystem that is implemented in the network. The attacker
can use information such as power consumption, electromagnetic radiations, and sound
,SY0-401:3 TS Quiz Threats and
Vulnerabilities
to break into a system. The side channel attack can also be based on the time taken to
perform a computation.
A DoS attack exploits the limitations of the TCP/IP protocol by flooding the network with
a large number of false resource requests or by consuming the complete bandwidth of
the network. To fulfill the resource requests that are falsely created by the attacker, the
network exhausts its resources. Therefore, legitimate and authorized users are denied
services on the basis of a resource crunch in the network.
"
"
You have just discovered that an application that your company purchased is
intentionally embedded with software code that allows a developer to bypass the regular
access and authentication mechanisms. Which software code is being described?
logic bomb
pseudo-flaw
multipart virus
debugging hooks
" - Answer "Answer:
debugging hooks
Explanation:
A debugging or maintenance hook is software code that is intentionally embedded in the
software during its development process to allow the developer to bypass the regular
access and authentication mechanisms. These hooks can pose a threat to the security
of the software and can be exploited if any maintenance hook is not removed before the
software goes into production and an intruder is able to find the maintenance hook.
A logic bomb implies a malicious program that remains dormant and is triggered
following a specific action by the user or after a certain time interval. The primary
difference between logic bombs, viruses, and worms is that a logic bomb is triggered
when specific conditions are met.
A pseudo-flaw refers to vulnerability code embedded intentionally in the software to trap
intruders.
A multipart virus can infect both executable files and boot sectors of hard disk drives.
The virus first resides in the memory and then infects the boot sector and the
executable files of the computer.
"
, SY0-401:3 TS Quiz Threats and
Vulnerabilities
"Which spyware technique inserts a dynamic link library into a running process's
memory?
SMTP open relay
DLL injection
buffer overflow
cookies
" - Answer "
Answer:
DLL injection
Explanation:
DLL injection is a spyware technique that inserts a dynamic link library (DLL) into a
running process's memory. Windows was designed to use DLL injection to make
programming easier for developers. Some of the standard defenses against DLL
injection include application and operating system patches, firewalls, and intrusion
detection systems.
SMTP open relay is an e-mail feature that allows any Internet user to send e-mail
messages through the SMTP server. SMTP relay often results in an increased amount
of spam. SMTP relay is designed into many e-mail servers to allow them to forward e-
mail to other e-mail servers.
Buffer overflow occurs when the length of the input data is longer than the length
processor buffers can handle. Buffer overflow is caused when input data is not verified
for appropriate length at the time of the input. Buffer overflow and boundary condition
errors are examples of input validation errors. Memory addressing is specific to a buffer
overflow attack. If a programmer allocates 16 bytes for a string variable but does not
adequately ensure that more than 16 bytes can be copied into, a buffer overflow can
occur. If a security analysis discovers JavaScript being used to send random data to
another service on the same computer, a buffer overflow attack is occurring. One of the
oldest examples of a buffer overflow attack is a no operation performed (NOOP) attack.
A NOOP attack is an attack in which an instruction is given in which no operation is
executed.
Cookies store information on a Web client for future sessions with a Web server. It is
used to provide a persistent, customized Web experience for each visit and to track a
user's browser habits. The information stored in a cookie is not typically encrypted and
might be vulnerable to hacker attacks.
"
"Which type of attack redirects you to a fake Web site?
land attack
hyperlink spoofing
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller EvaTee. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $18.99. You're not tied to anything after your purchase.