What type of vulnerability/attack is it when the malicious person forces the user’s browser to send an authenticated request to a server?
What type of vulnerability/attack is it when the malicious person forces the user’s browser to send an authenticated request to a server?A . Cross-site request forgeryB . Cross-site scriptingC . Session hijackingD . Server side request forgeryView AnswerAnswer: A
Darius is analysing IDS logs. During the investigation, he noticed that there was nothing suspicious found and an alert was triggered on normal web application traffic.
Darius is analysing IDS logs. During the investigation, he noticed that there was nothing suspicious found and an alert was triggered on normal web application traffic. He can mark this alert as:A . False-NegativeB . False-PositiveC . True-PositiveD . False-SignatureView AnswerAnswer: A
Which of the following is considered as one of the most reliable forms of TCP scanning?
Which of the following is considered as one of the most reliable forms of TCP scanning?A . TCP Connect/Full Open ScanB . Half-open ScanC . NULL ScanD . Xmas ScanView AnswerAnswer: A
Which of the following act requires employer’s standard national numbers to identify them on standard transactions?
Which of the following act requires employer’s standard national numbers to identify them on standard transactions?A . SOXB . HIPAAC . DMCAD . PCI-DSSView AnswerAnswer: B
What does the -oX flag do in an Nmap scan?
What does the -oX flag do in an Nmap scan?A . Perform an express scanB . Output the results in truncated format to the screenC . Perform an Xmas scanD . Output the results in XML format to a fileView AnswerAnswer: D
What do you want to ""know"" to prove yourself that it was Bob who had send a mail?
Bob, your senior colleague, has sent you a mail regarding a deal with one of the clients. You are requested to accept the offer and you oblige. After 2 days. Bob denies that he had ever sent a mail. What do you want to ""know"" to prove yourself that it...
Which of the following scanning method splits the TCP header into several packets and makes it difficult for packet filters to detect the purpose of the packet?
Which of the following scanning method splits the TCP header into several packets and makes it difficult for packet filters to detect the purpose of the packet?A . ICMP Echo scanningB . SYN/FIN scanning using IP fragmentsC . ACK flag probe scanningD . IPID scanningView AnswerAnswer: B
Which of the following provides a security professional with most information about the system’s security posture?
Which of the following provides a security professional with most information about the system’s security posture?A . Wardriving, warchalking, social engineeringB . Social engineering, company site browsing, tailgatingC . Phishing, spamming, sending trojansD . Port scanning, banner grabbing, service identificationView AnswerAnswer: D
Which one of the following Google advanced search operators allows an attacker to restrict the results to those websites in the given domain?
Which one of the following Google advanced search operators allows an attacker to restrict the results to those websites in the given domain?A . [cache:]B . [site:]C . [inurl:]D . [link:]View AnswerAnswer: B
How is the public key distributed in an orderly, controlled fashion so that the users can be sure of the sender’s identity?
How is the public key distributed in an orderly, controlled fashion so that the users can be sure of the sender’s identity?A . Hash valueB . Private keyC . Digital signatureD . Digital certificateView AnswerAnswer: D