Exam SY0-701 All QuestionsBrowse all questions from this exam
Go to Exam
Question 76

HOTSPOT -

Select the appropriate attack and remediation from each drop-down list to label the corresponding attack with its remediation.

INSTRUCTIONS -

Not all attacks and remediation actions will be used.

If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.

    Correct Answer:

Discussion
Th3irdEye

I think the 3rd line is wrong. It should be: Database server / Worm / Change the default application password The prompt talks about compromising an SQL database with well known credentials. So you need to change the app default password to fix this. It also talks about the attack being self propagating which would make it a worm. I believe the rest of the answers are correct.

c80f5c5

These are the answers I got when I took a Sec+ bootcamp for work, they went over this lab during the course. 1. Botnet - Enable DDos 2. RAT - Implement Host based IPS 3. Worm - Change default application password 4. Keylogger - Disable remote access services 5. Backdoor - Conduct code review I've seen various answers around the web. I'm going with these.

Etc_Shadow28000

1 An attacker sends multiple SYN packets from multiple sources. - Botnet - Enable DDoS protection 2 The attack establishes a connection, which allows remote commands to be executed. - Attack Identified. RAT Remote Access Trojan - BEST Preventive or Remediation Action. Disable remote access services 3 The attack is self-propagating and compromises a SQL database using well-known credentials as it moves through the network. - Attack Identified. Worm - BEST Preventive or Remediation Action. Patch vulnerable systems 4 The attacker uses hardware to remotely monitor a user’s input activity to harvest credentials. - Attack Identified. Keylogger - BEST Preventive or Remediation Action. Conduct a code review 5 The attacker embeds hidden access in an internally developed application that bypasses account login. - Attack Identified. Backdoor - BEST Preventive or Remediation Action. Implement a host-based IPS

Zayrdis

Upon vast research these make the best sense. 1. Botnet - Enable DDos 2. RAT - Disable remote access services 3. Worm - Change default application password 4. Keylogger - Implement a host-based IPS 5. Backdoor - Conduct code review