Which of the following is this an example of?
After analyzing and correlating activity from multiple sensors, the security administrator has
determined that a group of very well organized individuals from an enemy country is responsible
for various attempts to breach the company network, through the use of very sophisticated and
targeted attacks. Which of the following is this an example of?
Which of the following was launched against a company based on the following IDS log? 122.41.15.252 – &#
Which of the following was launched against a company based on the following IDS log?
122.41.15.252 – – [21/May/2012:00:17:20 +1200] “GET
/index.php?username=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAA HTTP/1.1″ 200 2731 “http://www.company.com/cgibin/forum/commentary.pl/noframes/read/209” “Mozilla/4.0 (compatible; MSIE 6.0; Windows NT
5.1; Hotbar 4.4.7.0)”
Which of the following lines in the user’s history log shows evidence that the user attempted to escape the
The security administrator is analyzing a user’s history file on a Unix server to determine if the
user was attempting to break out of a rootjail. Which of the following lines in the user’s history log
shows evidence that the user attempted to escape the rootjail?
Which of the following is the developer performing when testing the application?
A software development company has hired a programmer to develop a plug-in module to an
existing proprietary application. After completing the module, the developer needs to test the entire
application to ensure that the module did not introduce new vulnerabilities. Which of the following
is the developer performing when testing the application?
Which of the following technical controls must be implemented to enforce the corporate policy?
A security administrator must implement all requirements in the following corporate policy:
Passwords shall be protected against offline password brute force attacks.
Passwords shall be protected against online password brute force attacks.
Which of the following technical controls must be implemented to enforce the corporate policy?
(Select THREE).
Which of the following is a best practice for error and exception handling?
Which of the following is a best practice for error and exception handling?
Which of the following BEST protects the credit card data?
A merchant acquirer has the need to store credit card numbers in a transactional database in a
high performance environment. Which of the following BEST protects the credit card data?
Which of the following BEST protects the master password list?
A team of firewall administrators have access to a ‘master password list’ containing service
account passwords. Which of the following BEST protects the master password list?
Which of the following describes how this private key should be stored so that it is protected from theft?
An SSL/TLS private key is installed on a corporate web proxy in order to inspect HTTPS requests.
Which of the following describes how this private key should be stored so that it is protected from
theft?
Which of the following is the BEST approach to implement this process?
An insurance company requires an account recovery process so that information created by an
employee can be accessed after that employee is no longer with the firm. Which of the following is
the BEST approach to implement this process?