- All Exams Instant Download
Which of the following is a component of a risk assessment?
Which of the following is a component of a risk assessment?A . Administrative safeguardsB . Physical securityC . DMZD . Logical interfaceView AnswerAnswer: A
It affected many Internet-facing services, which OS did it not directly affect?
Shellshock allowed an unauthorized user to gain access to a server. It affected many Internet-facing services, which OS did it not directly affect?A . LinuxB . UnixC . OS XD . WindowsView AnswerAnswer: D
What Nmap script will help you with this task?
When you are getting information about a web server, it is very important to know the HTTP Methods (GET, POST, HEAD, PUT, DELETE, TRACE) that are available because there are two critical methods (PUT and DELETE). PUT can upload a file to the server and DELETE can delete a file...
Which is the first step followed by Vulnerability Scanners for scanning a network?
Which is the first step followed by Vulnerability Scanners for scanning a network?A . OS DetectionB . Firewall detectionC . TCP/UDP Port scanningD . Checking if the remote host is aliveView AnswerAnswer: D Explanation: Vulnerability scanning solutions perform vulnerability penetration tests on the organizational network in three steps:
What is the best security policy concerning this setup?
A large mobile telephony and data network operator has a data center that houses network elements. These are essentially large computers running on Linux. The perimeter of the data center is secured with firewalls and IPS systems. What is the best security policy concerning this setup?A . Network elements must...
In the field of cryptanalysis, what is meant by a “rubber-hose” attack?
In the field of cryptanalysis, what is meant by a “rubber-hose” attack?A . Forcing the targeted keystream through a hardware-accelerated device such as an ASIC.B . A backdoor placed into a cryptographic algorithm by its creator.C . Extraction of cryptographic secrets through coercion or torture.D . Attempting to decrypt ciphertext...
What is the first step that the bank should take before enabling the audit feature?
A bank stores and processes sensitive privacy information related to home loans. However, auditing has never been enabled on the system. What is the first step that the bank should take before enabling the audit feature?A . Perform a vulnerability scan of the system.B . Determine the impact of enabling...
Although FTP traffic is not encrypted by default, which layer 3 protocol would allow for end-to-end encryption of the connection?
Although FTP traffic is not encrypted by default, which layer 3 protocol would allow for end-to-end encryption of the connection?A . SFTPB . IpsecC . SSLD . FTPSView AnswerAnswer: B Explanation: https://en.wikipedia.org/wiki/IPsec Internet Protocol Security (IPsec) is a secure network protocol suite that authenticates and encrypts the packets of data...
The “Gray-box testing” methodology enforces what kind of restriction?
The “Gray-box testing” methodology enforces what kind of restriction?A . Only the external operation of a system is accessible to the tester.B . The internal operation of a system in only partly accessible to the tester.C . Only the internal operation of a system is known to the tester.D ....
Which system consists of a publicly available set of databases that contain domain name registration contact information?
Which system consists of a publicly available set of databases that contain domain name registration contact information?A . WHOISB . CAPTCHAC . IANAD . IETFView AnswerAnswer: A
