which type of security device?
The security concept of “separation of duties” is most similar to the operation of which type of security device?
Which of the following security operations is used for …
Which of the following security operations is used for determining the attack surface of an organization?
Which of the following is a protocol specifically desig…
Which of the following is a protocol specifically designed for transporting event messages?
what kind of software design problem?
An attacker gains access to a Web server’s database and displays the contents of the table that holds all of the
names, passwords, and other user information. The attacker did this by entering information into the Web site’s
user login page that the software’s designers did not expect to be entered. This is an example of what kind of
software design problem?
What type of network tool can be used to determine if t…
An Intrusion Detection System (IDS) has alerted the network administrator to a possibly malicious sequence of
packets sent to a Web server in the network’s external DMZ. The packet traffic was captured by the IDS and
saved to a PCAP file.
What type of network tool can be used to determine if these packets are genuinely malicious or simply a false
positive?
What is a possible source of this problem?
A new wireless client is configured to join a 802.11 network. This client uses the same hardware and software
as many of the other clients on the network. The client can see the network, but cannot connect. A wireless
packet sniffer shows that the Wireless Access Point (WAP) is not responding to the association requests being
sent by the wireless client.
What is a possible source of this problem?
Which AAA protocol is most likely able to handle this r…
An Internet Service Provider (ISP) has a need to authenticate users connecting using analog modems, Digital
Subscriber Lines (DSL), wireless data services, and Virtual Private Networks (VPN) over a Frame Relay
network.
Which AAA protocol is most likely able to handle this requirement?
Which of the following is one of the most effective way…
Which of the following is one of the most effective ways to prevent Cross-site Scripting (XSS) flaws in software
applications?
Which of the following is considered the best way to pr…
Which of the following is considered the best way to protect Personally Identifiable Information (PII) from Web
application vulnerabilities?
What kind of Web application vulnerability likely exist…
A company’s Web development team has become aware of a certain type of security vulnerability in their Web
software. To mitigate the possibility of this vulnerability being exploited, the team wants to modify the software
requirements to disallow users from entering HTML as input into their Web application.
What kind of Web application vulnerability likely exists in their software?