What type of analysis is performed when an attacker has partial knowledge of inner-workings of the application?
A. Black-box
B. Announced
C. White-box
D. Grey-box
Answer: D
What is the name of the command used by SMTP to transmit email over TLS?
Email is transmitted across the Internet using the Simple Mail Transport Protocol. SMTP does not encrypt email, leaving the information in the message vulnerable to being read by an unauthorized person. SMTP can upgrade a connection between two mail servers to use TLS. Email transmitted by SMTP over TLS is...
Which Nmap option would you use if you were not concerned about being detected and wanted to perform a very fast scan?
A. -T0
B. -T5
C. -O
D. -A
Answer: B
What would you enter, if you wanted to perform a stealth scan using Nmap?
A. nmap -sU
B. nmap -sS
C. nmap -sM
D. nmap -sT
Answer: B
Identify the web application attack where the attackers exploit vulnerabilities in dynamically generated web pages to inject client-side script into web pages viewed by other users.
A. SQL injection attack
B. Cross-Site Scripting (XSS)
C. LDAP Injection attack
D. Cross-Site Request Forgery (CSRF)
Answer: B
If an attacker uses the command SELECT*FROM user WHERE name = ‘x’ AND userid IS NULL; --‘; which type of SQL injection attack is the attacker performing?
A. End of Line Comment
B. UNION SQL Injection
C. Illegal/Logically Incorrect Query
D. Tautology
Answer: D
What do you want to “know” to prove yourself that it was Bob who had sent a mail?
Bob, your senior colleague, has sent you a mail regarding a deal with one of the clients. You are requested to accept the offer and you oblige. After 2 days, Bob denies that he had ever sent a mail. What do you want to “know” to prove yourself that it...
Based on the below log, which of the following sentences are true?
Mar 1, 2016, 7:33:28 AM 10.240.250.23 C 54373 10.249.253.15 C 22 tcp_ip
A. SSH communications are encrypted it’s impossible to know who is the client or the server
B. Application is FTP and 10.240.250.23 is the client and...
When tuning security alerts, what is the best approach?
A. Tune to avoid False positives and False Negatives
B. Raise False positives Raise False Negatives
C. Decrease the false positives
D. Decrease False negatives
Answer: A
Which of the following is an adaptive SQL Injection testing technique used to discover coding errors by inputting massive amounts of random data and observing the changes in the output?
A. Function Testing
B. Dynamic Testing
C. Static Testing
D. Fuzzing Testing
Answer: D