A security administrator is investigating a report that a user is receiving suspicious emails. The user's machine has an old functioning modem installed. Which of the following security concerns need to be identified and mitigated? (Choose two.)
Wardialing or war dialing is a technique to automatically scan a list of telephone numbers, usually dialing every number in a local area code to search for modems, computers, bulletin board systems (computer servers) and fax machines. Hackers use the resulting lists for various purposes: hobbyists for exploration, and crackers—malicious hackers who specialize in breaching computer security—for guessing user accounts (by capturing voicemail greetings), or locating modems that might provide an entry-point into computer or other electronic systems. It may also be used by security personnel, for example, to detect unauthorized devices, such as modems or faxes, on a company's telephone network.
The mails could be regarding the modem and the modem itself is old so E,F.
Tho I don't understand how this particular guy could have been IDed by the wardialing(as this would just show a computer on the other end of the line), he is an obvious victim of a targeted attack(several mails to him alone) and we MUST infer SPEARFISHING...also they want us to believe the attack used the modem, in a WARDIALING scenario? we can eliminate Vish(no phone call) Whale(not upper management) Pharming(no fraudulent website redirect mention) and Hoax(no description of what was contained in emails received) what are we left with....bet ya wont see this question....just too the NET + last month and dont recall ANY modem questions, aside from Out of Band remote management during an internet failure!!
Question doesn't say which 2 is the user experiencing, just says: "Which of the following security concerns need to be identified and mitigated?"
User is being spear fished (C) and the workstation is at risk of WarDialing (E) since the modem is active. Both of which "need to be identified and mitigated"
Does anybody actually study before coming to try these questions out?
A. Vishing = calling the victim
B. Whaling = CEO
C. Spear phishing = targeting a specific individual
D. Pharming = Not related.
E. War dialing = related to telephones/modems
F. Hoaxing = not really a HOAX but is the best second option.
My answer is E/F.
I think given answers are correct because look at the question "user is receiving suspicious emails" It's suspicious at this moment but it's not proven that the emails are phishing emails so it can be counted as Hoaxing and war dialing is another option as AllenFox have said.
I think given answers are correct because look at the question "user is receiving suspicious emails" It's suspicious at this moment but it's not proven that the emails are phishing emails so it can be counted as Hoaxing and war dialing is another option as AllenFox have said.
another bullshit question from ctia .. can't be war dialing as it does not match the description , what actually matches it is C and E since this is "suspicious email" could be false threat as well.
"a user is receiving suspicious EMAILS" I think the fact that one user is getting MULTIPLE emails suggests that spear phishing is one of the answers. There is nothing in the question to imply hoaxing is taking place in the emails, but we can be sure that the user is being TARGETED. AllenFox gives a good explanation of war dialing and I think that must be the second answer. Let me know if you guys agree/disagree
Answer: Spear phishing; Pharming
Explanation:
Based on the information given in the question, the security concerns that need to be identified and mitigated are spear phishing and pharming.
Spear phishing is the fraudulent practice whereby emails are sent from a trusted sender in which people are targeted to give out some confidential information.
Pharming is a cyberattack whereby the traffic of a website is redirected to another fake site. This is typically done when the host file on the computer of the victim has been changed.
I am going with C and F. I think the modem is a trap and is not contributing to the suspicious emails. What needs to be identified and mitigated right now is suspicious email.
this is where I landed also. Everyone (including myself) went with war dialing because of the modem) But modems alone dont allow you to connect to the computer if no app is listening for the call. Since email is the origin of suspicious emails C and F are the only ones that relate to this. I think E is a pump fake by TIA
upvoted 1 times
...
...
This section is not available anymore. Please use the main Exam Page.SY0-501 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
AllenFox
Highly Voted 4 years, 10 months agowho__cares123456789___
4 years, 4 months agoFNavarro
Highly Voted 4 years, 2 months agoDubbsnix
Most Recent 4 years agoPreach
4 years, 1 month agoDubbsnix
4 years agoLB54
3 years, 9 months agoL1singh
4 years, 1 month agoKeanoD
3 years, 11 months agobobthebuilder55110
4 years, 3 months agobobthebuilder55110
4 years, 3 months agomcNik
4 years, 3 months agoexiledwl
4 years, 4 months agoPoker69
4 years, 5 months agoexiledwl
4 years, 4 months agoHash___
4 years, 4 months agokentasmith
4 years, 8 months agoDaymeyon
4 years, 1 month ago