Written by students who passed Immediately available after payment Read online or as PDF Wrong document? Swap it for free 4.6 TrustPilot
logo-home
Exam (elaborations)

CPA ISC S3 EXAM QUESTIONS WITH COMPLETE ANSWERS

Rating
-
Sold
-
Pages
14
Grade
A+
Uploaded on
15-09-2025
Written in
2025/2026

CPA ISC S3 EXAM QUESTIONS WITH COMPLETE ANSWERS

Institution
ICS
Course
ICS

Content preview

CPA ISC S3 EXAM QUESTIONS WITH
COMPLETE ANSWERS
Insiders - ANSWER-employees that either organically developed into a person with
malicious intentions or intentionally infiltrated an organization to achieve nefarious
objectives

External Threats - ANSWER-Threats that originate outside an organization

Network Based Attack - ANSWER-attack targets the infrastructure of a network
including switches, routers, servers, and cabling, with the intent to gain unauthorized
access or disrupt operations for users

Backdoors/Trapdoors - ANSWER-methods to bypass security access procedures by
creating an entry and exit point to a network that is undocumented

Covert Channel - ANSWER-mechanisms used to transmit data using methods not
originally intended for data transmission by the system designers. Violate the entity
security policy but do not exceed entity access authorization, so they can
communicate data in small parts. (example of person stealing .005 off of 100 million
business each transaction by re-routing into personal bank account)

Storage Channel - ANSWER-data is transmitted by modifying a storage location,
allowing another party with lower security permission to access the data

Timing Channel - ANSWER-the delay or gap in transmitting data packets is used to
hide a transmission

Buffer Overflows - ANSWER-Insertion of malicious code into memory by overrunning
buffers outside of their assigned memory space.

Denial of Service (DoS) - ANSWER-One or more attackers attempt to flood a server
with so many incoming messages that the server is unable to handle legitimate
business

Distributed Denial of Service (DDoS) - ANSWER-Multiple machines simultaneously
launch attacks on the server to force it offline (multiple attackers)

Man-in-the-middle (MITM) attack - ANSWER-attacker acts as an intermediary
between two parties intercepting communications, acting as a legitimate entity within
a typical secure session

, Port-Scanning Attack - ANSWER-scanning networks for open ports is done by
attackers to find vulnerabilities that can be exploited so they can gain unauthorized
access to a company's network

Ransomware Attack - ANSWER-these are attackers that come in the form of
malware that locks a user or a company's operating systems, applications, and the
ability to access data unless a ransom is paid

Reverse Shell Attacks - ANSWER-a victim initiates communication with an attacker
from behind company firewall so the attacker can bypass the firewall and other
safeguards and remotely control the victims machine

Replay Attacks - ANSWER-cybercriminal eavesdrops on a secure network
communication, intercepts it, and then replays the message at a later time to the
intended target to gain access to the network and the data behind the firewall

Return Oriented Attacks - ANSWER-use a sophisticated technique that utilizes
pieces of legitimate original system code in a sequence to perform operations useful
to attacker (taking pieces from a shredder and putting it back together)

Spoofing - ANSWER-The act of impersonating someone or something to obtain
unauthorized system access by using falsified credentials or initiating a legitimate
person/entity by using fake IP address, domains, email address

Domain Name System (DNS) Spoofing - ANSWER-person modifies the domain
name to IP address mapping known as the domain name system

Hyperlink Spoofing - ANSWER-alternation of hyperlink URLs that redirect the victim
away from their intended destination

Address Resolution Spoofing (ARS) - ANSWER-involves a fraudulent act of falsifying
the mapping of media access control (MAC) addresses on a network to IP addresses

Application Based Attacks - ANSWER-target specific software or applications such
as databases or websites to gain unauthorized access or disrupt functionality

Structured Query Language (SQL) Injection - ANSWER-A type of attack in which the
hacker adds SQL code to a Web or application input to gain access to or alter data in
the database ; the target in this attack is the database

Cross Site Scripting (XSS) - ANSWER-inject code to a company's website that
attacks users visiting the company's website ; the target in this attack is the company
website to compromise the company's website user's data

Race Condition - ANSWER-attacker exploits system or application that relies on a
specific sequence of operations (forcing application to perform two ore more
operations out of order

Written for

Institution
ICS
Course
ICS

Document information

Uploaded on
September 15, 2025
Number of pages
14
Written in
2025/2026
Type
Exam (elaborations)
Contains
Questions & answers

Subjects

$18.99
Get access to the full document:

Wrong document? Swap it for free Within 14 days of purchase and before downloading, you can choose a different document. You can simply spend the amount again.
Written by students who passed
Immediately available after payment
Read online or as PDF


Also available in package deal

Get to know the seller

Seller avatar
Reputation scores are based on the amount of documents a seller has sold for a fee and the reviews they have received for those documents. There are three levels: Bronze, Silver and Gold. The better the reputation, the more your can rely on the quality of the sellers work.
lectknancy Boston University
Follow You need to be logged in order to follow users or courses
Sold
326
Member since
2 year
Number of followers
27
Documents
26133
Last sold
6 days ago

3.7

79 reviews

5
38
4
13
3
11
2
4
1
13

Recently viewed by you

Why students choose Stuvia

Created by fellow students, verified by reviews

Quality you can trust: written by students who passed their tests and reviewed by others who've used these notes.

Didn't get what you expected? Choose another document

No worries! You can instantly pick a different document that better fits what you're looking for.

Pay as you like, start learning right away

No subscription, no commitments. Pay the way you're used to via credit card and download your PDF document instantly.

Student with book image

“Bought, downloaded, and aced it. It really can be that simple.”

Alisha Student

Working on your references?

Create accurate citations in APA, MLA and Harvard with our free citation generator.

Working on your references?

Frequently asked questions