Appendix A. Answers to the “Do I Know This Already?” Quizzes and Review Questions

Chapter 1

“Do I Know This Already?” Quiz

1. C. Available services on a device are discovered by identifying the open ports on the device.

2. B. By determining the operating system, the hacker may be able to take advantage of weaknesses derived from missing security patches.

3. A. Attackers may attempt a process called e-mail harvesting, and the security analyst should attempt it as well. Typically e-mail harvesting bots (automated processes) are used for this.

4. B. Phishing is a social engineering attack that involves sending a mass e-mail that to the recipients appear to come from a trusted party, such as their bank. It includes a link that purports to connect ...

Get CompTIA Cybersecurity Analyst (CySA+) Cert Guide now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.