CompTIA Security Plus Mock Test Q1648

While performing surveillance activities, an attacker determines that an organization is using 802.1X to secure LAN access. Which of the following attack mechanisms can the attacker utilize to bypass the identified network security?

A. MAC spoofing
B. Pharming
C. Xmas attack
D. ARP poisoning

Correct Answer: A
Section: Mixed Questions

CompTIA Security Plus Mock Test Q1572

While performing surveillance activities an attacker determines that an organization is using 802.1X to secure LAN access. Which of the following attack mechanisms can the attacker utilize to bypass the identified network security controls?

A. MAC spoofing
B. Pharming
C. Xmas attack
D. ARP poisoning

Correct Answer: D
Section: Mixed Questions

CompTIA Security Plus Mock Test Q1558

An attacker has gained access to the company’s web server by using the administrator’s credentials. The attacker then begins to work on compromising the sensitive data on other servers. Which off the following BEST describes this type of attack?

A. Privilege escalation
B. Client-side attack
C. Man-in-the-middle
D. Transitive access

Correct Answer: B
Section: Mixed Questions

CompTIA Security Plus Mock Test Q1523

An attacker is attempting to insert malicious code into an installer file that is available on the internet. The attacker is able to gain control of the web server that houses both the installer and the web page which features information about the downloadable file. To implement the attack and delay detection, the attacker should modify both the installer file and the:

A. SSL certificate on the web server
B. The HMAC of the downloadable file available on the website
C. Digital signature on the downloadable file
D. MD5 hash of the file listed on the website

Correct Answer: D
Section: Mixed Questions

CompTIA Security Plus Mock Test Q1469

An attacker unplugs the access point at a coffee shop. The attacker then runs software to make a laptop look like an access point and advertises the same network as the coffee shop normally does. Which of the following describes this type of attack?

A. IV
B. Xmas
C. Packet sniffing
D. Evil twin
E. Rouge AP

Correct Answer: D
Section: Mixed Questions

CompTIA Security Plus Mock Test Q1429

An attacker Joe configures his service identifier to be as an access point advertised on a billboard. Joe then conducts a denial of service attack against the legitimate AP causing users to drop their connections and then reconnect to Joe’s system with the same SSID. Which of the following BEST describes this of attack?

A. Bluejacking
B. WPS attack
C. Evil twin
D. War driving
E. Replay attack

Correct Answer: C
Section: Mixed Questions

CompTIA Security Plus Mock Test Q1425

An attacker Joe configures his service identifier to be the same as an access point advertised on a billboard. Joe then conducts a denial of service attack against the legitimate AP causing users to drop their connections and then reconnect to Joe’s system with the same SSID. Which of the following Best describes this type of attack?

A. Bluejacking
B. WPS attack
C. Evil twin
D. War driving
E. Relay attack

Correct Answer: C
Section: Mixed Questions

CompTIA Security Plus Mock Test Q1315

By hijacking unencrypted cookies an application allows an attacker to take over existing web sessions that do not use SSL or end to end encryption. Which of the following choices BEST mitigates the security risk of public web surfing? (Select TWO)

A. WPA2
B. WEP
C. Disabling SSID broadcasting
D. VPN
E. Proximity to WIFI access point


Correct Answer: C,D
Section: Mixed Questions