Identify the UDP port that Network Time Protocol (NTP) uses as its primary means of communication?

Identify the UDP port that Network Time Protocol (NTP) uses as its primary means of communication?A . 123B . 161C . 69D . 113View AnswerAnswer: A

September 29, 2021 No Comments READ MORE +

Which of the following tools can be used for passive OS fingerprinting?

Which of the following tools can be used for passive OS fingerprinting?A . tcpdumpB . nmapC . pingD . tracertView AnswerAnswer: A

September 29, 2021 No Comments READ MORE +

Which of the following is one of the most effective ways to prevent Cross-site Scripting (XSS) flaws in software applications?

Which of the following is one of the most effective ways to prevent Cross-site Scripting (XSS) flaws in software applications?A . Use security policies and procedures to define and implement proper security settings.B . Use digital certificates to authenticate a server prior to sending dataC . Validate and escape all...

September 29, 2021 No Comments READ MORE +

Which of the following attacks exploits web age vulnerabilities that allow an attacker to force an unsuspecting user's browser to send malicious requests they did not intend?

Which of the following attacks exploits web age vulnerabilities that allow an attacker to force an unsuspecting user's browser to send malicious requests they did not intend?A . Command Injection AttacksB . File Injection AttackC . Cross-Site Request Forgery (CSRF)D . Hidden Field Manipulation AttackView AnswerAnswer: C

September 29, 2021 No Comments READ MORE +

Why is a penetration test considered to be more thorough than vulnerability scan?

Why is a penetration test considered to be more thorough than vulnerability scan?A . Vulnerability scans only do host discovery and port scanning by default.B . A penetration test actively exploits vulnerabilities in the targeted infrastructure, while a vulnerability scan does not typically involve active exploitation.C . It is not-a...

September 29, 2021 No Comments READ MORE +

What sort of security breach is this policy attempting to mitigate?

A company's security policy states that all Web browsers must automatically delete their HTTP browser cookies upon terminating. What sort of security breach is this policy attempting to mitigate?A . Attempts by attackers to access the user and password information stored in the company's SQL database.B . Attempts by attackers...

September 29, 2021 No Comments READ MORE +

What tool should the analyst use to perform a Blackjacking attack?

A large company intends to use Blackberry for corporate mobile phones and a security analyst is assigned to evaluate the possible threats. The analyst will use the Blackjacking attack method to demonstrate how an attacker could circumvent perimeter defenses and gain access to the Prometric Online Testing-Reports https://ibt1.prometric.com/users/custom/reportqueue/rgstr...corporate network. What...

September 28, 2021 No Comments READ MORE +

Why should the security analyst disable/remove unnecessary ISAPI filters?

Why should the security analyst disable/remove unnecessary ISAPI filters?A . To defend against social engineering attacksB . To defend against webserver attacksC . To defend against jail breakingD . To defend against wireless attacksView AnswerAnswer: B

September 28, 2021 No Comments READ MORE +

What is the Shellshock bash vulnerability attempting to do a vulnerable Linux host?

What is the Shellshock bash vulnerability attempting to do a vulnerable Linux host? env x='({:; }; echo exploit' bash-c ’cat/etc/passwd'A . Removes the passwd fileB . Changes all passwords in passwdC . Add new user to the passwd fileD . Display passwd content to promptView AnswerAnswer: D

September 28, 2021 No Comments READ MORE +

What term is commonly used when referring to this type of testing?

To determine if a software program properly handles a wide range of invalid input, a form of automated testing can be used to randomly generate invalid input in an attempt to crash the program. What term is commonly used when referring to this type of testing?A . RandomizingB . BoundingC...

September 28, 2021 No Comments READ MORE +