- All Exams Instant Download
Which of the following is a hardware-specific vulnerability?
Which of the following is a hardware-specific vulnerability?A . Firmware versionB . Buffer overflowC . SQL injectionD . Cross-site scriptingView AnswerAnswer: A Explanation: Firmware is a type of software that is embedded in a hardware device, such as a router, a printer, or a BIOS chip. Firmware controls the basic...
Which of the following methods would allow this functionality?
A data administrator is configuring authentication for a SaaS application and would like to reduce the number of credentials employees need to maintain. The company prefers to use domain credentials to access new SaaS applications. Which of the following methods would allow this functionality?A . SSOB . LEAPC . MFAD...
Which of the following fulfills this request?
4.9. A security analyst is creating an inbound firewall rule to block the IP address from accessing the organization’s network. Which of the following fulfills this request?A . access-list inbound deny ig source 0.0.0.0/0 destination 10.1.4.9/32B . access-list inbound deny ig source 10.1.4.9/32 destination 0.0.0.0/0C . access-list inbound permit ig...
Which of the following enables the use of an input field to run commands that can view or manipulate data?
Which of the following enables the use of an input field to run commands that can view or manipulate data?A . Cross-site scriptingB . Side loadingC . Buffer overflowD . SQL injectionView AnswerAnswer: D Explanation: = SQL injection is a type of attack that enables the use of an input...
Which of the following threat actors is the most likely to use large financial resources to attack critical systems located in other countries?
Which of the following threat actors is the most likely to use large financial resources to attack critical systems located in other countries?A . InsiderB . Unskilled attackerC . Nation-stateD . HacktivistView AnswerAnswer: C Explanation: A nation-state is a threat actor that is sponsored by a government or a political...
Which of the following data classifications should be used to secure patient data?
A systems administrator works for a local hospital and needs to ensure patient data is protected and secure. Which of the following data classifications should be used to secure patient data?A . PrivateB . CriticalC . SensitiveD . PublicView AnswerAnswer: C Explanation: Data classification is a process of categorizing data...
Which of the following changes would allow users to access the site?
Users at a company are reporting they are unable to access the URL for a new retail website because it is flagged as gambling and is being blocked. Which of the following changes would allow users to access the site?A . Creating a firewall rule to allow HTTPS trafficB ....
Which of the following describes this scenario?
The marketing department set up its own project management software without telling the appropriate departments. Which of the following describes this scenario?A . Shadow ITB . Insider threatC . Data exfiltrationD . Service disruptionView AnswerAnswer: A Explanation: Shadow IT is the term used to describe the use of unauthorized or...
Which of the following search strings should an analyst employ to prohibit access to non-encrypted websites?
A company’s web filter is configured to scan the URL for strings and deny access when matches are found. Which of the following search strings should an analyst employ to prohibit access to non-encrypted websites?A . encryption=offB . http://C . www.*.comD . :443View AnswerAnswer: B Explanation: A web filter is...
Which of the following is the best option?
A technician wants to improve the situational and environmental awareness of existing users as they transition from remote to in-office work. Which of the following is the best option?A . Send out periodic security reminders.B . Update the content of new hire documentation.C . Modify the content of recurring training....
