E- mail scams and mail fraud are regulated by which of the following?

1. A. 18 U.S.
2. B. pa
3. C. 1030 Fraud and Related activity in connection with Computers
4. D. 18 U.S.
5. E. pa
6. F. 1029 Fraud and Related activity in connection with Access Devices
7. G. 18 U.S.
8. H. pa
9. I. 1362 Communication Lines, Stations, or Systems
10. J. 18 U.S.
11. K. pa
12. L. 2510 Wire and Electronic Communications Interception and Interception of Oral Communication

Correct Answer: A

Password cracking programs reverse the hashing process to recover passwords. (True/False.)

1. A. True
2. B. False

Correct Answer: B

Attacker Rony installed a rogue access point within an organization's perimeter and attempted to intrude into its internal network. Johnson, a security auditor, identified some unusual traffic in the internal network that is aimed at cracking the authentication mechanism. He immediately turned off the targeted network and tested for any weak and outdated security mechanisms that are open to attack. What is the type of vulnerability assessment performed by johnson in the above scenario?

1. A. Host-based assessment
2. B. Wireless network assessment
3. C. Application assessment
4. D. Distributed assessment

Correct Answer: B
Wireless network assessment determines the vulnerabilities in an organization’s wireless networks. In the past, wireless networks used weak and defective data encryption mechanisms. Now, wireless network standards have evolved, but many networks still use weak and outdated security mechanisms and are open to attack. Wireless network assessments try to attack wireless authentication mechanisms and gain unauthorized access. This type of assessment tests wireless networks and identifies rogue networks that may exist within an organization’s perimeter. These assessments audit client-specified sites with a wireless network. They sniff wireless network traffic and try to crack encryption keys. Auditors test other network access if they gain access to the wireless network.

What does the following command in netcat do? nc -l -u -p55555 < /etc/passwd

1. A. logs the incoming connections to /etc/passwd file
2. B. loads the /etc/passwd file to the UDP port 55555
3. C. grabs the /etc/passwd file when connected to UDP port 55555
4. D. deletes the /etc/passwd file when connected to the UDP port 55555

Correct Answer: C

Alice, a professional hacker, targeted an organization's cloud services. She infiltrated the targets MSP provider by sending spear-phishing emails and distributed custom-made malware to compromise user accounts and gain remote access to the cloud service. Further, she accessed the target customer profiles with her MSP account, compressed the customer data, and stored them in the MSP. Then, she used this information to launch further attacks on the target organization. Which of the following cloud attacks did Alice perform in the above scenario?

1. A. Cloud hopper attack
2. B. Cloud cryptojacking
3. C. Cloudborne attack
4. D. Man-in-the-cloud (MITC) attack

Correct Answer: A
Operation Cloud Hopper was an in depth attack and theft of data in 2017 directed at MSP within the uk (U.K.), us (U.S.), Japan, Canada, Brazil, France, Switzerland, Norway, Finland, Sweden, South Africa , India, Thailand, South Korea and Australia. The group used MSP as intermediaries to accumulate assets and trade secrets from MSP client engineering, MSP industrial manufacturing, retail, energy, pharmaceuticals, telecommunications, and government agencies.Operation Cloud Hopper used over 70 variants of backdoors, malware and trojans. These were delivered through spear-phishing emails. The attacks scheduled tasks or leveraged services/utilities to continue Microsoft Windows systems albeit the pc system was rebooted. It installed malware and hacking tools to access systems and steal data.