What is the first step that the bank should take before enabling the audit feature?
A bank stores and processes sensitive privacy information related to home loans. However, auditing has never been enabled on the system. What is the first step that the bank should take before enabling the audit feature?
A. Perform a vulnerability scan of the system.
B. Determine the impact of enabling...

Although FTP traffic is not encrypted by default, which layer 3 protocol would allow for end-to-end encryption of the connection?
Although FTP traffic is not encrypted by default, which layer 3 protocol would allow for end-to-end encryption of the connection?
A. SFTP
B. IPsec
C. SSL
D. FTPS
Answer: B
Explanation: https://en.wikipedia.org/wiki/IPsec Internet Protocol Security (IPsec) is a secure network protocol suite that authenticates and encrypts the packets of data...

The “Gray-box testing” methodology enforces what kind of restriction?
The “Gray-box testing” methodology enforces what kind of restriction?
A. Only the external operation of a system is accessible to the tester.
B. The internal operation of a system is only partly accessible to the tester.
C. Only the internal operation of a system is known to the tester.
D. ...

Which system consists of a publicly available set of databases that contain domain name registration contact information?
Which system consists of a publicly available set of databases that contain domain name registration contact information?
A. WHOIS
B. CAPTCHA
C. IANA
D. IETF
Answer: A

Which of the following is not a Bluetooth attack?
Which of the following is not a Bluetooth attack?
A. Bluedriving
B. Bluesmacking
C. Bluejacking
D. Bluesnarfing
Answer: A
Explanation: https://github.com/verovaleros/bluedriving Bluedriving is a Bluetooth wardriving utility. It can capture Bluetooth devices, look up their services, get GPS information and present everything in a nice web page. It can search for...

At what layer of the OSI model does the encryption and decryption of the message take place?
User A is writing a sensitive email message to user B outside the local network. User A has chosen to use PKI to secure his message and ensure only user B can read the sensitive email. At what layer of the OSI model does the encryption and decryption of the...

What is the known plaintext attack used against DES which gives the result that encrypting plaintext with one DES key followed by encrypting it with a second DES key is no more secure than using a single key?
What is the known plaintext attack used against DES which gives the result that encrypting plaintext with one DES key followed by encrypting it with a second DES key is no more secure than using a single key?
A. Man-in-the-middle attack
B. Meet-in-the-middle attack
C. Replay attack
D. Traffic analysis...

Which tool can be used to perform session splicing attacks?
Session splicing is an IDS evasion technique in which an attacker delivers data in multiple, small-sized packets to the target computer, making it very difficult for an IDS to detect the attack signatures. Which tool can be used to perform session splicing attacks?
A. tcpsplice
B. Burp
C. Hydra
D. ...

What is not a PCI compliance recommendation?
What is not a PCI compliance recommendation?
A. Use a firewall between the public network and the payment card data.
B. Use encryption to protect all transmission of card holder data over any public network.
C. Rotate employees handling credit card transactions on a yearly basis to different departments.
D. ...