Review Questions : Comptia CySA+ CS0-001 exam questions and answers with exaplanation for free Page 12 -- Infibee

Feedback

Home

General Knowledge
General Aptitude
General English
Networking
Interview Questions
- .NET
- Java
- ASP.NET
- C++
- Perl
- Python
- Ruby and Rails
- Struts
- Core Java
- Hibernate
- DB2
- MS SQL Server
- MySQL
- Oracle
- SQL
- DBMS
- Data Warehousing
- Data structures and Algorithms
- CCNA
- CCNP Routing
- CCNP Switching
- Internetworking
- Border Gateway Protocol
- MCSE
- Exchange Server
- Windows Server 2008
- DNS & Active Directory
- Firewall Questions
- Unix
- Linux Server Administrator
- Linux System Administrator
- Linux File Manipulation
Database

Home
Security
Comptia Cybersecurity (Cysa+)

56.

In what type of attack does the attacker place more information in a memory location than is allocated for that use?

A.
SQL injection
B.
LDAP injection
C.
Cross-site scripting
D.
Buffer overflow

Answer & Explanation
Report

Answer : [D]
Explanation :

Buffer overflow attacks occur when an attacker manipulates a program into placing more data into an area of memory than is allocated for that program’s use. The goal is to overwrite other information in memory with instructions that may be executed by a different process running on the system.

Report

Name

57.

The Dirty COW attack is an example of what type of vulnerability?

A.
Malicious code
B.
Privilege escalation
C.
Buffer overflow
D.
LDAP injection

Answer & Explanation
Report

Answer : [B]
Explanation :

In October 2016, security researchers announced the discovery of a Linux kernel vulnerability dubbed Dirty COW. This vulnerability, present in the Linux kernel for nine years, was extremely easy to exploit and provided successful attackers with administrative control of affected systems.

Report

Name

58.

Which one of the following protocols should never be used on a public network?

A.
SSH
B.
HTTPS
C.
SFTP
D.
Telnet

Answer & Explanation
Report

Answer : [D]
Explanation :

Telnet is an insecure protocol that does not make use of encryption. The other protocols mentioned are all considered secure.

Report

Name

59.

Betty is selecting a transport encryption protocol for use in a new public website she is creating. Which protocol would be the best choice?

A.
SSL 2.0
B.
SSL 3.0
C.
TLS 1.0
D.
TLS 1.1

Answer & Explanation
Report

Answer : [D]
Explanation :

TLS 1.1 is a secure transport protocol that supports web traffic. The other protocols listed all have flaws that render them insecure and unsuitable for use.

Report

Name

60.

Which one of the following conditions would not result in a certificate warning during a vulnerability scan of a web server?

A.
Use of an untrusted CA
B.
Inclusion of a public encryption key
C.
Expiration of the certificate
D.
Mismatch in certificate name

Answer & Explanation
Report

Answer : [B]
Explanation :

Digital certificates are intended to provide public encryption keys, and this would not cause an error. The other circumstances are all causes for concern and would trigger an alert during a vulnerability scan.

Report

Name

Pages
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15

Sitemap