Q. Why are reports of unsupported software considered a treasure trove of information for penetration testers?

View solution

Q. What major operating system had its support discontinued by Microsoft in July 2015?

View solution

Q. What is the recommended solution for organizations running unsupported operating systems?

View solution

Q. What is a buffer overflow attack?

View solution

Q. What is the primary goal of privilege escalation attacks?

View solution

Q. What is Dirty COW?

View solution

Q. What is a rootkit?

View solution

Q. What do arbitrary code execution vulnerabilities allow an attacker to do?

View solution

Q. What is a characteristic of remote code execution vulnerabilities?

View solution

Q. What is firmware, and where is it typically stored?

View solution

Q. Why might firmware vulnerabilities be challenging for IT teams to address?

View solution

Q. What is Spectre and Meltdown?

View solution

Q. What type of system is a lucrative target for attackers seeking financial gain?

View solution

Q. What standard outlines rules for the handling of credit card information and the security of devices involved in credit card transactions?

View solution

Q. Which of the following protocols is an insecure protocol that exposes users to eavesdropping attacks?

View solution

Q. What is the recommended secure replacement for Telnet when seeking to gain command-line access to a remote system?

View solution

Q. Which of the following provides a secure method to transfer files between systems?

View solution

Q. Why do vulnerability scans alert on the presence of debug modes on scanned servers?

View solution

Q. What is the recommended approach for software development in mature organizations regarding debug modes?

View solution

Q. What may vulnerability scans detect in network devices that require updates from the manufacturer?

View solution