Which of the following requests best illustrates an attempt to exploit an insecure direct object reference vulnerability?
Insecure direct object reference is a type of vulnerability where the application does not verify if the user is authorized to access the internal object via its name or key. Suppose a malicious user Rob tries to get access to the account of a benign user Ned. Which of the...
Which results will be returned with the following Google search query? site: target.com site: Marketing target.com accounting
Which results will be returned with the following Google search query? site: target.com site: Marketing target.com accounting A. Results from matches on the site marketing.target.com that are in the domain target.com but do not include the word accounting. B. Results matching all words in the query. C. Results for matches...
What is the best way to find out?
You are doing an internal security audit and intend to find out what ports are open on all the servers. What is the best way to find out? A. Scan servers with Nmap B. Scan servers with MBSA C. Telnet to every port on each server D. Physically go to...
What kind of vulnerability must be present to make this remote attack possible?
A network administrator discovers several unknown files in the root directory of his Linux FTP server. One of the files is a tarball, two are shell script files, and the third is a binary file named "nc." The FTP server's access logs show that the anonymous user account logged...
What is the best option to do this job?
An enterprise recently moved to a new office and the new neighborhood is a little risky. The CEO wants to monitor the physical perimeter and the entrance doors 24 hours. What is the best option to do this job? A. Use fences in the entrance doors. B. ...
What should this employee do?
An IT employee got a call from one of our best customers. The caller wanted to know about the company's network infrastructure, systems, and team. New opportunities of integration are in sight for both company and customer. What should this employee do? A. The employees cannot provide any information; but, anyway,...
John the Ripper is a technical assessment tool used to test the weakness of which of the following?
John the Ripper is a technical assessment tool used to test the weakness of which of the following? A. Usernames B. File permissions C. Firewall rulesets D. Passwords Answer: D
Which type of virus detection method did Chandler use in this context?
Chandler works as a pen-tester in an IT-firm in New York. As a part of detecting viruses in the systems, he uses a detection method where the anti-virus executes the malicious codes on a virtual machine to simulate CPU and memory activities. Which type of virus detection method did Chandler...
Which protocol will allow you to guess a sequence number?
You are attempting to man-in-the-middle a session. Which protocol will allow you to guess a sequence number? A. ICMP B. TCP C. UPX D. UPD Answer: B
Which type of security feature stops vehicles from crashing through the doors of a building?
Which type of security feature stops vehicles from crashing through the doors of a building? A. Turnstile B. Bollards C. Man trap D. Receptionist Answer: B