Which of the following should the consultant do in order to produce more accurate results?
An outside security consultant produces a report of several vulnerabilities for a particular server.
Upon further investigation, it is determined that the vulnerability reported does not apply to the
platform the server is running on. Which of the following should the consultant do in order to
produce more accurate results?
To which of the following types of attack is this application susceptible?
A programmer has allocated a 32-bit variable to store the results of an operation between two
user-supplied 4-byte operands. To which of the following types of attack is this application susceptible?
Which of the following would be the best way to prevent this type of attack from occurring again?
A security administrator is reviewing logs and notices multiple attempts to access the HVAC
controls by a workstation with an IP address from the open wireless network. Which of the
following would be the best way to prevent this type of attack from occurring again?
Which of the following should be configured in the new application to enable this functionality?
An application developer needs to allow employees to use their network credentials to access a
new application being developed. Which of the following should be configured in the new
application to enable this functionality?
Which of the following could BEST prevent this from occurring again?
During a routine audit it is discovered that someone has been using a state administrator account
to log into a seldom-used server. The person has been using the server
to view inappropriate websites that are prohibited to end users. Which of the following could BEST
prevent this from occurring again?
Which of the following practices would best allow for this testing while keeping the corporate network safe?
A security engineer would like to analyze the effect of deploying a system without patching it to
discover potential vulnerabilities. Which of the following practices would best allow for this testing
while keeping the corporate network safe?
Which of the following controls can be implemented to prevent such unauthorized changes in the future?
The internal audit group discovered that unauthorized users are making unapproved changes to
various system configuration settings. This issue occurs when previously authorized users transfer
from one department to another and maintain the same credentials. Which of the following
controls can be implemented to prevent such unauthorized changes in the future?
Which of the following best describes this technique?
In order to gain an understanding of the latest attack tools being used in the wild, an administrator
puts a Unix server on the network with the root user's password set to root. Which of the following
best describes this technique?
Which of the following should be configured?
An administrator, Ann, wants to ensure that only authorized devices are connected to a switch.
She decides to control access based on MAC addresses. Which of the following should be
configured?
Which of the following was implemented to detect this issue?
A one-time security audit revealed that employees do not have the appropriate access to system
resources. The auditor is concerned with the fact that most of the accounts audited have
unneeded elevated permission to sensitive resources. Which of the following was implemented to
detect this issue?