Questions and Answers
Which social-engineering technique involves sending fraudulent SMS messages to trick users?
- Spear phishing
- Smishing (correct)
- Vishing
- SPIM
What is the recommended approach for deploying application patches?
- Apply the patches to systems in a testing environment, then to systems in a staging environment, and finally to production systems (correct)
- Apply the patches to the production systems, apply them in a staging environment, and then test all of them in a testing environment
- Test the patches in a test environment, apply them to the production systems, and then apply them to a staging environment
- Test the patches in a staging environment, develop against them in the development environment, and then apply them to the production systems
Which RAID level is designed to achieve parity and handle two simultaneous disk failures?
- RAID 5 (correct)
- RAID 2
- RAID 6
- RAID 0+1
Why might a server administrator place a file named password.txt on the desktop of an administrator account?
What is the document described as in the text?
What did the security assessment identify regarding DES and 3DES on production servers?
What is the likely cause of access issues at the datacenter according to the text?
What would work BEST to help identify potential vulnerabilities on the hosted web servers?
What is the MOST likely occurrence based on the IP address discrepancies in the text?
Study Notes
Social Engineering Techniques
- Smishing is a type of social-engineering technique that involves sending fraudulent SMS messages to trick victims into divulging sensitive information.
Patch Deployment
- The best approach for deploying application patches is to apply them to systems in a testing environment, then to systems in a staging environment, and finally to production systems.
RAID Levels
- RAID 5 is a RAID level that achieves parity and can handle two simultaneous disk failures.
Honeyfiles
- A honeyfile is a document or file that is intentionally placed in a conspicuous location to attract the attention of a cyberintruder, such as a file named "password.txt" on a server.
Weak Encryption
- DES and 3DES are examples of weak encryption protocols that should not be used on production servers.
Biometric Errors
- False rejection and cross-over error rate are types of errors that can occur with biometric authentication systems, such as fingerprint scanners.
Vulnerability Identification
- Nmap is a tool that can be used to identify potential vulnerabilities by scanning for open ports and services on a network.
DNS Spoofing
- DNS spoofing is a type of attack where an attacker temporarily compromises a name server to redirect users to a fraudulent website instead of the legitimate one.
Vulnerable Code Inclusion
- Unsecure protocols and the use of penetration-testing utilities are two likely vectors for the unauthorized inclusion of vulnerable code in a software company’s final software releases.
Description
Test your knowledge on social engineering techniques used in a recent SMS incident and the best approach for deploying application patches. Questions cover SPIM, Vishing, Spear phishing, Smishing, and patch deployment strategies.