Question 1

What is "Phishing" and how does it typically target endpoints?

Options :

A : An attack that uses malicious code to exploit system vulnerabilities

B : An attack that involves intercepting network traffic to extract data

C : A method of exploiting software bugs to gain unauthorized access

D : A social engineering attack that tricks users into revealing sensitive information or installing malware

Answer: D

Question 2

What is "Pretexting" in the context of social engineering?

Options :

A : Using deception to convince individuals to reveal information by pretending to be someone they know or trust

B : An approach to exploiting software vulnerabilities

C : A technique for bypassing security controls on a system

D : A method of intercepting network traffic to gather sensitive information

Answer: A

Question 3

Which cybersecurity role is primarily concerned with configuring and managing firewalls, intrusion detection systems, and other security tools?

Options :

A : Security Engineer

B : Security Analyst

C : Security Architect

D : Incident Responder

Answer: A

Question 4

What method does a spyware attack use to propagate and collect data?

Options :

A : By flooding the network with excessive traffic

B : By exploiting weaknesses in web applications

C : By installing malicious software to monitor and collect user activity

D : By exploiting network vulnerabilities to gain unauthorized access

Answer: C

Question 5

What is "steganography" and how is it used in defense evasion?

Options :

A : A strategy for disrupting network operations through denial-of-service attacks

B : A technique to hide malicious code within legitimate network traffic

C : A practice of embedding malicious code within image or audio files

D : A method to encrypt communication between attackers and their command servers

Answer: C

Smartly Prepare Exam with Free Online SEC-100 Practice Test