Which of the following can still result in exposure of …
Highly sensitive data is stored in a database and is accessed by an application on a DMZ server. The disk drives on all servers are fully encrypted. Communication
between the application server and end-users is also encrypted. Network ACLs prevent any connections to the database server except from the application server.
Which of the following can still result in exposure of the sensitive data in the database server?
Which of the following is the MOST likely reason for th…
When an order was submitted via the corporate website, an administrator noted special characters (e.g., “;–” and “or 1=1 –“) were input instead of the expected
letters and numbers.
Which of the following is the MOST likely reason for the unusual results?
which of the following?
The string:
` or 1=1– –
Represents which of the following?
Which of the following types of application attacks wou…
Which of the following types of application attacks would be used to specifically gain unauthorized information from databases that did not have any input validation
implemented?
Which of the following attacks had the administrator di…
A security administrator looking through IDS logs notices the following entry: (where email=joe@joe.com and passwd= `or 1==1′)
Which of the following attacks had the administrator discovered?
Which of the following BEST describes a protective coun…
Which of the following BEST describes a protective countermeasure for SQL injection?
which of the following?
Pete, the security administrator, has been notified by the IDS that the company website is under attack. Analysis of the web logs show the following string,
indicating a user is trying to post a comment on the public bulletin board.
INSERT INTO message `<script>source=http://evilsite</script>
This is an example of which of the following?
which of the following attacks?
A security administrator develops a web page and limits input into the fields on the web page as well as filters special characters in output. The administrator is
trying to prevent which of the following attacks?
Which of the following attacks MOST likely occurred?
A victim is logged onto a popular home router forum site in order to troubleshoot some router configuration issues. The router is a fairly standard configuration and
has an IP address of 192.168.1.1. The victim is logged into their router administrative interface in one tab and clicks a forum link in another tab. Due to clicking the
forum link, the home router reboots. Which of the following attacks MOST likely occurred?
Which of the following wireless protocols could be vuln…
Which of the following wireless protocols could be vulnerable to a brute-force password attack? (Select TWO).