Section 2.3 Demonstrate your acquired knowledge explaining various types of vulnerabilities. This will demonstrate your proficiency for section 2.3 of the Security+ SY0-701 objectives. 1 / 25 A vulnerability introduced by failing to secure cloud storage buckets would be: Firmware injection Cloud-specific vulnerability Hardware reuse Race condition error 2 / 25 A database susceptible to unauthorized queries is vulnerable to: VM escape Cross-site scripting SQLi Malicious firmware 3 / 25 Which type of vulnerability exploits user trust in visual content? Malicious update Cross-site scripting Side loading VM escape 4 / 25 A zero-day vulnerability is best described as: Known but unpatched flaw Unknown flaw to defenders Discontinued system error Resource reuse misstep 5 / 25 Bypassing manufacturer restrictions on mobile operating systems is called: Jailbreaking Side loading Cross-site scripting Data obfuscation 6 / 25 What mobile device vulnerability results from manually installing unauthorized apps? Buffer overflow VM escape Side loading End-of-life risk 7 / 25 Open administrative ports exposed to the public is an example of: Cloud-specific flaw Hardware legacy risk Misconfiguration Cryptographic error 8 / 25 Which cryptographic vulnerability allows weak or compromised encryption keys? Memory injection Time-of-check flaw Cryptographic weakness Race condition 9 / 25 If a manufacturer installs insecure firmware onto routers, it is a: Mobile vulnerability Supply chain flaw Cloud-specific threat Database injection 10 / 25 A service provider failing to patch their managed systems could cause: Hardware flaw Application injection Supply chain vulnerability Wireless misconfiguration 11 / 25 If a supplier embeds malware into legitimate software, it is a: Cloud-specific risk Cryptographic flaw Supply chain compromise VM escape attack 12 / 25 What makes cloud environments vulnerable compared to on-premises data centers? Excessive network cables Shared infrastructure risks Static routing configurations Encrypted data channels 13 / 25 Which virtualization vulnerability occurs when memory isn’t cleared between VM sessions? Resource reuse Firmware flaw Side loading Data salting 14 / 25 A threat actor escaping from a guest VM to control the host system is an example of: Side loading Virtual machine escape Race condition Data masking 15 / 25 A system still running outdated, unsupported software is vulnerable due to: Legacy systems Side loading VM escape Cross-site scripting 16 / 25 Using hardware no longer supported by manufacturers exposes: Supply chain risks End-of-life vulnerabilities SQL injection flaws Resource reuse issues 17 / 25 Exploiting a device’s firmware vulnerabilities affects which layer? Application Virtualization Hardware Supply chain 18 / 25 An attacker embeds malicious scripts into a website to target visitors. This is: Cross-site scripting Time-of-check Buffer overflow Cryptographic flaw 19 / 25 SQL injection attacks primarily target: Hardware firmware Network routers Web applications Mobile platforms 20 / 25 Which is considered an OS-based vulnerability? Unpatched system drivers Structured Query Language injection Virtual machine escape Side loading application 21 / 25 Installing compromised patches from an unauthorized source describes: Jailbreaking Malicious update Resource reuse Memory injection 22 / 25 A race condition that occurs between validation and execution is called: Time-of-approval Time-of-authentication Time-of-check/time-of-use Time-of-access 23 / 25 Which vulnerability exploits a delay between checking and using a resource? Memory injection SQL injection Race condition Resource exhaustion 24 / 25 A vulnerability that lets attackers overwrite adjacent memory locations is called: Buffer overflow Memory injection Race condition Side loading 25 / 25 Which application vulnerability occurs when untrusted data is injected into memory? Buffer overflow Memory injection Race condition Resource reuse Your score isThe average score is 0% 0% Restart quiz Return to CompTia N+ 10-009 Objectives
