- All Exams Instant Download
What may be the problem?
You are the Network Admin, and you get a complaint that some of the websites are no longer accessible. You try to ping the servers and find them to be reachable. Then you type the IP address and then you try on the browser, and find it to be accessible....
What is not a PCI compliance recommendation?
What is not a PCI compliance recommendation?A . Use a firewall between the public network and the payment card data.B . Use encryption to protect all transmission of card holder data over any public network.C . Rotate employees handling credit card transactions on a yearly basis to different departments.D ....
What term describes the amount of risk that remains after the vulnerabilities are classified and the countermeasures have been deployed?
What term describes the amount of risk that remains after the vulnerabilities are classified and the countermeasures have been deployed?A . Residual riskB . Impact riskC . Deferred riskD . Inherent riskView AnswerAnswer: A Explanation: https://en.wikipedia.org/wiki/Residual_risk The residual risk is the risk or danger of an action or an event,...
Which statement below is true?
Bob received this text message on his mobile phone: “Hello, this is Scott Smelby from the Yahoo Bank. Kindly contact me for a vital transaction on: [email protected]”. Which statement below is true?A . This is a scam as everybody can get a @yahoo address, not the Yahoo customer service employees.B...
What testing method did you use?
You are tasked to perform a penetration test. While you are performing information gathering, you find an employee list in Google. You find the receptionist’s email, and you send her an email changing the source email to her boss’s email (boss@company). In this email, you ask for a pdf with...
What is not a PCI compliance recommendation?
What is not a PCI compliance recommendation?A . Use a firewall between the public network and the payment card data.B . Use encryption to protect all transmission of card holder data over any public network.C . Rotate employees handling credit card transactions on a yearly basis to different departments.D ....
What is the closest approximate cost of this replacement and recovery operation per year?
The change of a hard drive failure is once every three years. The cost to buy a new hard drive is $300. It will require 10 hours to restore the OS and software to the new hard disk. It will require a further 4 hours to restore the database from...
In this context, what can you say?
Bob, a system administrator at TPNQM SA, concluded one day that a DMZ is not needed if he properly configures the firewall to allow access just to servers/ports, which can have direct internet access, and block the access to workstations. Bob also concluded that DMZ makes sense just when a...
Why is a penetration test considered to be more thorough than vulnerability scan?
Why is a penetration test considered to be more thorough than vulnerability scan?A . Vulnerability scans only do host discovery and port scanning by default.B . A penetration test actively exploits vulnerabilities in the targeted infrastructure, while a vulnerability scan does not typically involve active exploitation.C . It is not...
Which of the following tools performs comprehensive tests against web servers, including dangerous files and CGIs?
Which of the following tools performs comprehensive tests against web servers, including dangerous files and CGIs?A . NiktoB . John the RipperC . DsniffD . SnortView AnswerAnswer: A Explanation: https://en.wikipedia.org/wiki/Nikto_(vulnerability_scanner) Nikto is a free software command-line vulnerability scanner that scans web servers for dangerous files/CGIs, outdated server software, and other...
