Security+ SY0-601 Domain 1: Attacks, Threats, and V5

Which type of denial-of-service (DoS) attack occurs when a name server receives malicious or misleading data that incorrectly maps host names and IP addresses?

While using the internet, you type the URL of one of your favorite sites in the browser. Instead of going to the correct site, the browser displays a completely different website. When you use the IP address of the web server, the correct site is displayed.

Which type of attack has likely occurred?

An attacker uses an exploit to push a modified hosts file to client systems. This hosts file redirects traffic from legitimate tax preparation sites to malicious sites to gather personal and financial information.

Which kind of exploit has been used in this scenario?

An attacker sets up 100 drone computers that flood a DNS server with invalid requests. This is an example of which kind of attack?

Which of the following is the BEST definition of the term hacker?

Which of the following is the correct definition of a threat?

Which of the following BEST describes a cyber terrorist?

An employee stealing company data could be an example of which kind of threat actor?

The IT manager in your organization proposes taking steps to deflect a potential threat actor. The proposal includes the following:

Create and follow onboarding and off-boarding procedures.

Employ the principal of least privilege.

Have appropriate physical security controls in place.

Which type of threat actor do these steps guard against?

A script kiddie is a threat actor who lacks knowledge and sophistication. Script kiddie attacks often seek to exploit well-known vulnerabilities in systems.

What is the BEST defense against script kiddie attacks?