- All Exams Instant Download
Which of the following attacks can be prevented by using output encoding?
Which of the following attacks can be prevented by using output encoding?A . Server-side request forgeryB . Cross-site scriptingC . SQL injectionD . Command injectionE . Cross-site request forgeryF . Directory traversalView AnswerAnswer: B
Which of the following conclusions can be drawn with respect to the threat and impact?
An organization suspects it has had a breach, and it is trying to determine the potential impact. The organization knows the following: ✑ . The source of the breach is linked to an IP located in a foreign country. ✑ The breach is isolated to the research and development servers....
Which of the following would BEST protect the sensitivity of this data while still allowing the team to perform the testing?
A development team is testing a new application release. The team needs to import existing client PHI data records from the production environment to the test environment to test accuracy and functionality. Which of the following would BEST protect the sensitivity of this data while still allowing the team to...
Which of the following was MOST likely used to discover this?
An analyst is reviewing the following output: Which of the following was MOST likely used to discover this?A . Reverse engineering using a debuggerB . A static analysis vulnerability scanC . A passive vulnerability scanD . A web application vulnerability scanView AnswerAnswer: C
Which of the following frameworks would BEST apply in this situation?
A cybersecurity analyst is dissecting an intrusion down to the specific techniques and wants to organize them in a logical manner. Which of the following frameworks would BEST apply in this situation?A . Pyramid of PainB . MITRE ATT&CKC . Diamond Model of Intrusion AnalystsD . CVSS v3.0View AnswerAnswer: B
What is the executable file name or the malware?
What is the executable file name or the malware? View AnswerAnswer: Select the following answer as per diagram below.
Which of the following technologies can be used to house the entropy keys for task encryption on desktops and laptops?
Which of the following technologies can be used to house the entropy keys for task encryption on desktops and laptops?A . Self-encrypting driveB . Bus encryptionC . TPMD . HSMView AnswerAnswer: A
Which of the following risk actions has the security committee taken?
A security analyst is providing a risk assessment for a medical device that will be installed on the corporate network. During the assessment, the analyst discovers the device has an embedded operating system that will be at the end of its life in two years. Due to the criticality of...
Which of the following would provide the BEST results?
A security analyst wants to identify which vulnerabilities a potential attacker might initially exploit if the network is compromised. Which of the following would provide the BEST results?A . Baseline configuration assessmentB . Uncredentialed scanC . Network ping sweepD . External penetration testView AnswerAnswer: D
A security analyst suspects a malware infection was caused by a user who downloaded malware after clicking http://<malwaresource>/A.php in a phishing email.
A security analyst suspects a malware infection was caused by a user who downloaded malware after clicking http://<malwaresource>/A.php in a phishing email. To prevent other computers from being infected by the same malware variation, the analyst should create a rule on the. A. email server that automatically deletes attached executables....
