Code injection is a form of attack in which a malicious user:
Code injection is a form of attack in which a malicious user:
A. Inserts text into a data field that gets interpreted as code
B. Gets the server to execute arbitrary code using a buffer overflow
C. Inserts additional code into the JavaScript running in the browser
D. Gains access...
What process would help him?
A hacker named Jack is trying to compromise a bank’s computer system. He needs to know the operating system of that computer to launch further attacks. What process would help him?
A. Banner Grabbing
B. IDLE/IPID Scanning
C. SSDP Scanning
D. UDP Scanning
Answer: A
What is the main theme of the sub-policies for Information Technologies?
Security Policy is a definition of what it means to be secure for a system, organization or other entity. For Information Technologies, there are sub-policies like Computer Security Policy, Information Protection Policy, Information Security Policy, Network Security Policy, Physical Security Policy, Remote Access Policy, and User Account Policy. What is...
What does the -oX flag do in an Nmap scan?
What does the -oX flag do in an Nmap scan?
A. Perform an express scan
B. Output the results in truncated format to the screen
C. Perform an Xmas scan
D. Output the results in XML format to a file
Answer: D
Which is the first step followed by Vulnerability Scanners for scanning a network?
Which is the first step followed by Vulnerability Scanners for scanning a network?
A. TCP/UDP Port scanning
B. Firewall detection
C. OS Detection
D. Checking if the remote host is alive
Answer: D
Which of the following requirements would best fit under the objective, "Implement strong access control measures"?
The Payment Card Industry Data Security Standard (PCI DSS) contains six different categories of control objectives. Each objective contains one or more requirements, which must be followed in order to achieve compliance. Which of the following requirements would best fit under the objective, "Implement strong access control measures"?
A. Regularly...
This proves that CompanyXYZ’s email gateway doesn’t prevent what?
CompanyXYZ has asked you to assess the security of their perimeter email gateway. From your office in New York, you craft a specially formatted email message and send it across the Internet to an employee of CompanyXYZ. The employee of CompanyXYZ is aware of your test. Your email message looks...
Which type of virus detection method did Chandler use in this context?
Chandler works as a pen-tester in an IT firm in New York. As a part of detecting viruses in the systems, he uses a detection method where the anti-virus executes the malicious code on a virtual machine to simulate CPU and memory activities. Which type of virus detection method did Chandler...
What is the minimum number of network connections in a multi-homed firewall?
What is the minimum number of network connections in a multi-homed firewall?
A. 3
B. 5
C. 4
D. 2
Answer: A
According to the next configuration, what is happening in the network?
The security administrator of ABC needs to permit Internet traffic in the host 10.0.0.2 and UDP traffic in the host 10.0.0.3. He also needs to permit all FTP traffic to the rest of the network and deny all other traffic. After he applied his ACL configuration in the router, nobody...