SECURITY+ PRACTICE EXAM NEWEST ACTUAL EXAM
SECURITY+ PRACTICE EXAM NEWEST ACTUAL EXAM
COMPLETE 250 QUESTIONS AND CORRECT DETAILED
ANSWERS (VERIFIED ANSWERS) |ALREADY GRADED
A+||BRAND NEW VERSION!!
Ann states the issues began after she opened an invoice that vendor emailed to
her. Upon opening the invoice, she had to click several security warnings to view it
in her word processor. With which of the following is the device MOST likely
infected?
A. Spyware
B. Crypto-malware
C. Rootkit
D. Backdoor - Correct Answer-B .. Ransomware (crypto-malware) would encrypt
your files and cause your documents to no longer open, and would display a pop-
up stating that you must pay a ransom or your files will remain encrypted and un-
readable. This also accounts for the slow performance as your system tries and
tries to open those encrypted docs.
An employee receives an email, which appears to be from the Chief Executive
Officer (CEO), asking for a report of security credentials for all users. Which of the
following types of attack is MOST likely occurring?
A. Policy violation
B. Social engineering
C. Whaling
D. Spear phishing - Correct Answer-D .. Ask yourself who the target is! This is not
targeting the CEO so Whaling is out. Social Engineering might have been a good
1|Page
, SECURITY+ PRACTICE EXAM NEWEST ACTUAL EXAM
answer if this e-mail went out to all employees, but it didn't. This e-mail
specifically targeted the employee who could provide a report of security
credentials of all users. This was a targeted e-mail, thus Spear Phishing is the best
answer.
An information security specialist is reviewing the following output from a Linux
server:
user@server:~$ crontab -l
5 * * * * /usr/local/bin/backup.sh
user@server:~$ cat /usr/local/bin/backup.sh
#!/bin/bash
if ! Grep -quiet bobuser /etc/passwd
then rm -rf /
fi
Based on the above information, which of the following types of malware was
installed on the server?
A. Backdoor
B. Ransomware
C. Rootkit
D. Trojan
E. Logic bomb - Correct Answer-E .. <- crontab -l will list jobs that are scheduled
<-This line shows a job called backup.sh
<- This line displays the contents of that .sh file
<- Here is what's in the scheduled job:
2|Page
, SECURITY+ PRACTICE EXAM NEWEST ACTUAL EXAM
<- This says that if there is no account for "bobuser", in the password file, then
delete the entire hard drive, starting with the / folder. rm = "remove" and -r is
recursive (all subfolders too)
An analyst is reviewing a simple program for potential security vulnerabilities
before being deployed to a Windows server. Given the following code:
Void foo (char *bar)
{
char random_user_input[12];
strcpy (random_user_input, bar);
}
Which of the following vulnerabilities is present?
A. Backdoor
B. Buffer overflow
C. Bad memory pointer
D. Integer overflow - Correct Answer-B .. This script appears to be asking the user
for character-based input, but there doesn't appear to be any input-validation
routine. In this case, it could lead to more data being supplied than expected,
which could cause a buffer overflow.
Which of the following penetration testing concepts is being used when an
attacker uses public internet databases to enumerate and learn more about a
target?
3|Page
, SECURITY+ PRACTICE EXAM NEWEST ACTUAL EXAM
A. Pivoting
B. White box testing
C. Initial exploitation
D. Vulnerability scanning
E. Reconnaissance - Correct Answer-E
Which of the following types of attacks precedes the installation of a rootkit on a
server?
A. DoS
B. DDoS
C. Pharming
D. Privilege escalation - Correct Answer-D .. Rootkits are installed deep into an OS,
thus it requires high privileges to install one. Typically it requires kernel-level
privileges to hide the rootkit so deep.
An auditor is reviewing the following output from a password-cracking tool:
User1:Password1
User2:Recovery!
User3:Alaskan10
User4:4Private
User5:PerForMance2
Which of the following methods did the auditor MOST likely use?
A. Brute force
B. Dictionary
4|Page
SECURITY+ PRACTICE EXAM NEWEST ACTUAL EXAM
COMPLETE 250 QUESTIONS AND CORRECT DETAILED
ANSWERS (VERIFIED ANSWERS) |ALREADY GRADED
A+||BRAND NEW VERSION!!
Ann states the issues began after she opened an invoice that vendor emailed to
her. Upon opening the invoice, she had to click several security warnings to view it
in her word processor. With which of the following is the device MOST likely
infected?
A. Spyware
B. Crypto-malware
C. Rootkit
D. Backdoor - Correct Answer-B .. Ransomware (crypto-malware) would encrypt
your files and cause your documents to no longer open, and would display a pop-
up stating that you must pay a ransom or your files will remain encrypted and un-
readable. This also accounts for the slow performance as your system tries and
tries to open those encrypted docs.
An employee receives an email, which appears to be from the Chief Executive
Officer (CEO), asking for a report of security credentials for all users. Which of the
following types of attack is MOST likely occurring?
A. Policy violation
B. Social engineering
C. Whaling
D. Spear phishing - Correct Answer-D .. Ask yourself who the target is! This is not
targeting the CEO so Whaling is out. Social Engineering might have been a good
1|Page
, SECURITY+ PRACTICE EXAM NEWEST ACTUAL EXAM
answer if this e-mail went out to all employees, but it didn't. This e-mail
specifically targeted the employee who could provide a report of security
credentials of all users. This was a targeted e-mail, thus Spear Phishing is the best
answer.
An information security specialist is reviewing the following output from a Linux
server:
user@server:~$ crontab -l
5 * * * * /usr/local/bin/backup.sh
user@server:~$ cat /usr/local/bin/backup.sh
#!/bin/bash
if ! Grep -quiet bobuser /etc/passwd
then rm -rf /
fi
Based on the above information, which of the following types of malware was
installed on the server?
A. Backdoor
B. Ransomware
C. Rootkit
D. Trojan
E. Logic bomb - Correct Answer-E .. <- crontab -l will list jobs that are scheduled
<-This line shows a job called backup.sh
<- This line displays the contents of that .sh file
<- Here is what's in the scheduled job:
2|Page
, SECURITY+ PRACTICE EXAM NEWEST ACTUAL EXAM
<- This says that if there is no account for "bobuser", in the password file, then
delete the entire hard drive, starting with the / folder. rm = "remove" and -r is
recursive (all subfolders too)
An analyst is reviewing a simple program for potential security vulnerabilities
before being deployed to a Windows server. Given the following code:
Void foo (char *bar)
{
char random_user_input[12];
strcpy (random_user_input, bar);
}
Which of the following vulnerabilities is present?
A. Backdoor
B. Buffer overflow
C. Bad memory pointer
D. Integer overflow - Correct Answer-B .. This script appears to be asking the user
for character-based input, but there doesn't appear to be any input-validation
routine. In this case, it could lead to more data being supplied than expected,
which could cause a buffer overflow.
Which of the following penetration testing concepts is being used when an
attacker uses public internet databases to enumerate and learn more about a
target?
3|Page
, SECURITY+ PRACTICE EXAM NEWEST ACTUAL EXAM
A. Pivoting
B. White box testing
C. Initial exploitation
D. Vulnerability scanning
E. Reconnaissance - Correct Answer-E
Which of the following types of attacks precedes the installation of a rootkit on a
server?
A. DoS
B. DDoS
C. Pharming
D. Privilege escalation - Correct Answer-D .. Rootkits are installed deep into an OS,
thus it requires high privileges to install one. Typically it requires kernel-level
privileges to hide the rootkit so deep.
An auditor is reviewing the following output from a password-cracking tool:
User1:Password1
User2:Recovery!
User3:Alaskan10
User4:4Private
User5:PerForMance2
Which of the following methods did the auditor MOST likely use?
A. Brute force
B. Dictionary
4|Page
