Garantie de satisfaction à 100% Disponible immédiatement après paiement En ligne et en PDF Tu n'es attaché à rien
logo-home
Security+ Cert Exam Objectives SYO-601 with complete solution graded A+ €12,96   Ajouter au panier

Examen

Security+ Cert Exam Objectives SYO-601 with complete solution graded A+

 2 vues  0 fois vendu
  • Cours
  • Établissement

Phishing - fraudulent attempt to obtain sensitive information or data, by disguising oneself as a trustworthy entity in an electronic communication. Smishing - When someone tries to trick you into giving them your private information via a text or SMS message. Vishing - Using social engineering...

[Montrer plus]

Aperçu 4 sur 38  pages

  • 8 avril 2022
  • 38
  • 2021/2022
  • Examen
  • Questions et réponses
avatar-seller
Security+ Cert Exam Objectives SYO-601

Phishing - fraudulent attempt to obtain sensitive information or data, by disguising
oneself as a trustworthy entity in an electronic communication.

Smishing - When someone tries to trick you into giving them your private information via
a text or SMS message.

Vishing - Using social engineering over the telephone system to gain access to private
personal and financial information for the purpose of financial reward

Spam - irrelevant or unsolicited messages sent to a large number of Internet users, for
illegitimate advertising, and other activities such as phishing, and spreading malware

SPIM - Spam delivered through instant messaging (IM) instead of through e-mail
messaging

Spear Phishing - the act of sending emails to specific and well-researched targets while
pretending to be a trusted sender

Dumpster Diving - exploration of a system's trash bin for the purpose of finding details in
order for a hacker to have a successful online assault.

Shoulder Surfing - When someone watches over your shoulder to nab valuable
information as you key it into an electronic device.

Pharming - cyberattack intended to redirect a website's traffic to another, fake site.

Tailgating - Social engineering attempt by cyber threat actors in which they trick
employees into helping them gain unauthorized access into the company premises.

Eliciting Information - Procedures or techniques involving interacting with and
communicating with others that is designed to gather knowledge or inform

Whaling - Spear phishing that focuses on one specific high level executive or influencer

Prepending - Prepend is a word that means to attach content as a prefix. For example,
a prepend command could be used in a scripting language that a programmer would
enter into a certain function or code module. It would add certain characters of text to
the beginning of some variable or object.

Identity Fraud - identity fraud is the use of stolen information such as making fake ID's
and fake bank accounts

,Invoice Scams - using fraudulent invoices to steal from a company

Credential Harvesting - the use of MITM attacks, DNS poisoning, phishing, etc. to
amass large numbers of credentials (username / password combinations) for reuse.

Reconnaissance - - Information gathering about a target network

Hoax - Cyber hoax scams are attacks that exploit unsuspecting users to provide
valuable information, such as login credentials or money.

Impersonation - typically involves an email that seems to come from a trusted source.

Watering hole attack - security exploit in which the attacker seeks to compromise a
specific group of end users by infecting websites that members of the group are known
to visit. The goal is to infect a targeted user's computer and gain access to the network
at the target's place of employment.

Typo squatting - type of cybersquatting used by imposters that involve registering
domains with intentionally misspelled names of popular web addresses to install
malware on the user's system

Pretexting - the practice of presenting oneself as someone else in order to obtain
private information.

Influence campaigns -

Hybrid warfare - - Combining conventional warfare with cyberwarfare

Social Media Campaign - Planned, coordinated marketing efforts using one or more
social media platforms.

Principles: - Authority: an attacker may try to appear to have a certain level authority.
Intimidation: may try to make the victim think that something terrible is going to happen
if they don't comply with the attacker's wishes.
Consensus: An attacker may try to sway the mind of a victim using names they are
familiar with, saying that such ones provided them information (they are fishing for) in
the past and you should be able to do the same.
Scarcity: An attacker may try to set a time limit on a victim so that they can comply with
their wishes by a certain deadline.
Familiarity: they make you familiar with them on the phone and make you want to do
things for them.
Trust: The attacker in this case can claim to be a friend or close associate of someone
you may know very well and that's trusted.
Urgency: When attackers want you to act and not think, they want you to do what they
want as quickly as possible so that there's no time to spot all the red flags.

,Malware - a program or file designed to be disruptive, invasive and harmful to your
computer.

Ransomware - Software that encrypts programs and data until a ransom is paid to
remove it.

Worms - Independent computer programs that copy themselves from one computer to
other computers over a network

potentially unwanted program (PUP) - program that installs itself on a computer,
typically without the user's informed consent

Fileless virus - Software that uses legitimate programs to infect a computer. It does not
rely on files and leaves no footprint, making it challenging to detect and remove.

command and control - A computer controlled by an attacker or cybercriminal which is
used to send commands to systems compromised by malware and receive stolen data
from a target network

Bots - self-propagating malware that infects its host and connects back to a central
server(s).

Cryptomalware - Malware to remain in place for as long as possible, quietly mining in
the background.

logic bomb - A computer program or part of a program that lies dormant until it is
triggered by a specific logical event.

Spyware - Type of malware that infects your PC or mobile device and gathers
information about you, including the sites you visit, the things you download, your
usernames and passwords, payment information, and the emails you send and receive.

Keyloggers - software that tracks or logs the keys struck on your keyboard, typically in a
covert manner so that you don't know that your actions are being monitored.

Remote Access Trojan - type of malware that allows covert surveillance, a backdoor for
administrative control and unfettered and unauthorized remote access to a victim's
machine.

Rootkit - software program, typically malicious, that provides privileged, root-level (i.e.,
administrative) access to a computer while concealing its presence on that machine

Backdoor - refers to any method by which authorized and unauthorized users are able
to get around normal security measures and gain high level user access (aka root
access) on a computer system, network, or software application.

, Password Attack - Any type of attack in which the attacker
attempts to obtain and make use of passwords illegitimately.

Spraying password attack -

Dictionary password attack - An attack method that takes all the words from a dictionary
file and attempts to log on by entering each dictionary entry as a password.

brute force password attack (offline and online) - an attempt to guess a password by
attempting every possible combination of characters and numbers in it

Rainbow Tables - an attack on a password that uses a large pregenerated data set of
hashes from nearly every possible password

Plaintext/unencrypted password attack -

Malicious universal serial bus (USB) cable -

Malicious flash drive -

Card cloning -

Skimming -

Adversarial artificial intelligence (AI) - 1. Tainted training for machine learning (ML)
2. Security of machine learning algorithms

Supply-chain attacks -

Cloud-based vs. on-premises attacks -

Cryptographic attacks - 1. Birthday:
2. Collision:
3. Downgrade:

Privilege escalation -

Cross-site scripting -

Injections -

Structured query language (SQL) -

Dynamic link library -

Les avantages d'acheter des résumés chez Stuvia:

Qualité garantie par les avis des clients

Qualité garantie par les avis des clients

Les clients de Stuvia ont évalués plus de 700 000 résumés. C'est comme ça que vous savez que vous achetez les meilleurs documents.

L’achat facile et rapide

L’achat facile et rapide

Vous pouvez payer rapidement avec iDeal, carte de crédit ou Stuvia-crédit pour les résumés. Il n'y a pas d'adhésion nécessaire.

Focus sur l’essentiel

Focus sur l’essentiel

Vos camarades écrivent eux-mêmes les notes d’étude, c’est pourquoi les documents sont toujours fiables et à jour. Cela garantit que vous arrivez rapidement au coeur du matériel.

Foire aux questions

Qu'est-ce que j'obtiens en achetant ce document ?

Vous obtenez un PDF, disponible immédiatement après votre achat. Le document acheté est accessible à tout moment, n'importe où et indéfiniment via votre profil.

Garantie de remboursement : comment ça marche ?

Notre garantie de satisfaction garantit que vous trouverez toujours un document d'étude qui vous convient. Vous remplissez un formulaire et notre équipe du service client s'occupe du reste.

Auprès de qui est-ce que j'achète ce résumé ?

Stuvia est une place de marché. Alors, vous n'achetez donc pas ce document chez nous, mais auprès du vendeur EvaTee. Stuvia facilite les paiements au vendeur.

Est-ce que j'aurai un abonnement?

Non, vous n'achetez ce résumé que pour €12,96. Vous n'êtes lié à rien après votre achat.

Peut-on faire confiance à Stuvia ?

4.6 étoiles sur Google & Trustpilot (+1000 avis)

78998 résumés ont été vendus ces 30 derniers jours

Fondée en 2010, la référence pour acheter des résumés depuis déjà 14 ans

Commencez à vendre!
€12,96
  • (0)
  Ajouter