Which of the following can BEST help prevent cross-site scripting attacks and buffer overflows on a
production system?
The BEST methods for a web developer to prevent the website application code from being vulnerable to
cross-site request forgery (XSRF) are to: (Select TWO).
After visiting a website, a user receives an email thanking them for a purchase which they did not request.
Upon investigation the security administrator sees the following source code in a pop-up window:
<HTML>
<body onload="document.getElementById('badForm').submit()">
<form id="badForm" action="shoppingsite.company.com/purchase.php" method="post">
<input name="Perform Purchase" value="Perform Purchase"/>
</form>
</body>
</HTML>
Which of the following has MOST likely occurred?
Which of the following is the BEST way to prevent Cross-Site Request Forgery (XSRF) attacks?
The process of making certain that an entity (operating system, application, etc.) is as secure as it can be
is known as:
Vendors typically ship software applications with security settings disabled by default to ensure a wide
range of interoperability with other applications and devices. A security administrator should perform
which of the following before deploying new software?
Which of the following describes the process of removing unnecessary accounts and services from an
application to reduce risk exposure?
A network administrator is responsible for securing applications against external attacks. Every month,
the underlying operating system is updated. There is no process in place for other software updates.
Which of the following processes could MOST effectively mitigate these risks?
A recently installed application update caused a vital application to crash during the middle of the
workday. The application remained down until a previous version could be reinstalled on the server, and
this resulted in a significant loss of data and revenue.
Which of the following could BEST prevent this issue from occurring again?
An administrator finds that non-production servers are being frequently compromised, production
servers are rebooting at unplanned times and kernel versions are several releases behind the version with
all current security fixes.
Which of the following should the administrator implement?