- All Exams Instant Download
Which of the following attack scenarios will compromise the privacy of her data?
Alice encrypts her data using her public key PK and stores the encrypted data in the cloud. Which of the following attack scenarios will compromise the privacy of her data?A . None of these scenarios compromise the privacy of Alice’s dataB . Agent Andrew subpoenas Alice, forcing her to reveal...
What type of analysis is performed when an attacker has partial knowledge of inner-workings of the application?
What type of analysis is performed when an attacker has partial knowledge of inner-workings of the application?A . Black-boxB . AnnouncedC . White-boxD . Grey-boxView AnswerAnswer: D
Which of the following requirements would best fit under the objective, "Implement strong access control measures"?
The Payment Card Industry Data Security Standard (PCI DSS) contains six different categories of control objectives. Each objective contains one or more requirements, which must be followed in order to achieve compliance. Which of the following requirements would best fit under the objective, "Implement strong access control measures"?A . Regularly...
Which one of the following tools the hacker probably used to inject HTML code?
An attacker, using a rogue wireless AP, performed an MITM attack and injected an HTML code to embed a malicious applet in all HTTP connections. When users accessed any page, the applet ran and exploited many machines. Which one of the following tools the hacker probably used to inject HTML...
According to the next configuration, what is happening in the network?
The security administrator of ABC needs to permit Internet traffic in the host 10.0.0.2 and UDP traffic in the host 10.0.0.3. He also needs to permit all FTP traffic to the rest of the network and deny all other traffic. After he applied his ACL configuration in the router, nobody...
Which Nmap option would you use if you were not concerned about being detected and wanted to perform a very fast scan?
Which Nmap option would you use if you were not concerned about being detected and wanted to perform a very fast scan?A . CT0B . CT5C . -OD . -AView AnswerAnswer: B
What is the minimum number of network connections in a multi homed firewall?
What is the minimum number of network connections in a multi homed firewall?A . 3B . 5C . 4D . 2View AnswerAnswer: A
Which of the following attacks exploits web age vulnerabilities that allow an attacker to force an unsuspecting user’s browser to send malicious requests they did not intend?
Which of the following attacks exploits web age vulnerabilities that allow an attacker to force an unsuspecting user’s browser to send malicious requests they did not intend?A . Command Injection AttacksB . File Injection AttackC . Cross-Site Request Forgery (CSRF)D . Hidden Field Manipulation AttackView AnswerAnswer: C
You need a tool that can do network intrusion prevention and intrusion detection, function as a network sniffer, and record network activity, what tool would you most likely select?
You need a tool that can do network intrusion prevention and intrusion detection, function as a network sniffer, and record network activity, what tool would you most likely select?A . NmapB . Cain & AbelC . NessusD . SnortView AnswerAnswer: D
Which of the following is an adaptive SQL Injection testing technique used to discover coding errors by inputting massive amounts of random data and observing the changes in the output?
Which of the following is an adaptive SQL Injection testing technique used to discover coding errors by inputting massive amounts of random data and observing the changes in the output?A . Function TestingB . Dynamic TestingC . Static TestingD . Fuzzing TestingView AnswerAnswer: D
