Why is perimeter security insufficient against insider threats?
It offers no protection against threats originating inside the network.
What is the least privilege principle?
Limiting data access to only those who genuinely need it.
Why is cryptocurrency popular for recruiting insider accomplices?
Payments are fast, anonymous, and difficult to trace.
What is the root cause of SQL injection attacks?
A failure of input validation in the application.
What does SQL stand for?
Structured Query Language.
How does the injected code "' OR '1'='1" bypass SQL authentication?
It creates an always-true condition, returning all database records.
What does the double dash ("--") signify in a SQL injection query?
It tells the database to ignore everything that follows as a comment.
What coding practice prevents SQL injection by separating input from commands?
Parameterized queries, also called prepared statements.
What is the primary target of a standard Cross-Site Scripting (XSS) attack?
The victim's session cookie.
Why is XSS abbreviated as XSS instead of CSS?
To avoid confusion with Cascading Style Sheets (CSS).
What scripting language is most commonly used in XSS attacks?
JavaScript.
What is Stored (Persistent) XSS?
An XSS attack where the malicious script is permanently stored on a web page.
What is the root-level developer fix that completely prevents XSS?
Rigorous input validation and sanitization.
What type of attack is Business Email Compromise (BEC)?
A social engineering attack targeting human trust and urgency.
What is typosquatting in email domain spoofing?
Registering a domain with a subtle misspelling to mimic a legitimate domain.
What is the single most effective defense against BEC financial requests?
Verifying unusual requests out-of-band, such as a direct phone call.
What is a supply chain attack?
An attack exploiting vulnerabilities in third-party suppliers to breach a target.
What network design practice would have contained the Target 2013 HVAC breach?
Network segmentation.
What did the 2020 SolarWinds Orion attack demonstrate about digital signatures?
They do not protect if malicious code is inserted before signing.
What is a Standard Operating Environment (SOE)?
A pre-approved, fully configured device setup used to standardize devices.
What occurs on Microsoft "Patch Tuesday"?
Microsoft releases its monthly batch of security updates on the second Tuesday.
What is the difference between EOL and EOSL in software support?
EOL stops sales; EOSL stops all support and security patches.
How does a Mobile Device Manager (MDM) make BYOD secure?
It partitions the device to separate corporate data from personal data.
What is the best practice for organizations dealing with infected systems?
Wipe the system entirely and restore from a known good image.
Why must you disable System Restore early in malware removal?
To delete infected restore points and prevent malware from returning.
Why should you never back up an infected system?
It preserves the malware, which will re-infect the system when restored.
What is the escalation path when normal boot fails during malware removal?
Safe Mode, then WinPE, then ADK.
What is the final step of the malware removal process?
User education and training.