After visiting a website, a user receives an email thanking them for a purchase which they did not
request. Upon investigation the security administrator sees the following source code in a pop-up
window:
<HTML>
<body onload=”document.getElementByID(‘badForm’).submit()”>
<form id=”badForm” action=”shoppingsite.company.com/purchase.php” method=”post”
<input name=”Perform Purchase” value=”Perform Purchase” />
</form></body></HTML>
Which of the following has MOST likely occurred?

Which of the following ports should be used by a system administrator to securely manage a
remote server?

Which of the following ports is used to securely transfer files between remote UNIX systems?

Which of the following is a security benefit of providing additional HVAC capacity or increased
tonnage in a datacenter?

Fuzzing is a security assessment technique that allows testers to analyze the behavior of software
applications under which of the following conditions?

Which of the following types of wireless attacks would be used specifically to impersonate another
WAP in order to gain unauthorized information from mobile users?

Which of the following types of application attacks would be used to identify malware causing
security breaches that have NOT yet been identified by any trusted sources?

Which of the following is built into the hardware of most laptops but is not setup for centralized
management by default?

Which of the following is true about the recovery agent?

Which of the following MOST specifically defines the procedures to follow when scheduled system
patching fails resulting in system outages?