Which of the following is MOST likely to be contained in the download?
A user casually browsing the Internet is redirected to a warez site where a number of pop-ups
appear. After clicking on a pop-up to complete a survey, a drive-by download occurs. Which of the
following is MOST likely to be contained in the download?
Which of the following should the security administrator do with regard to the application?
A security administrator plans on replacing a critical business application in five years. Recently,
there was a security flaw discovered in the application that will cause the IT department to
manually re-enable user accounts each month at a cost of $2,000. Patching the application today
would cost $140,000 and take two months to implement. Which of the following should the security
administrator do with regard to the application?
which of the following control types?
The IT department has set up a SharePoint site to be used on the intranet. Security has
established the groups and permissions on the site. No one may modify the permissions and all
requests for access are centrally managed by the security team. This is an example of which of
the following control types?
Which of the following attack types is this?
Purchasing receives a phone call from a vendor asking for a payment over the phone. The phone
number displayed on the caller ID matches the vendor’s number. When the purchasing agent asks
to call the vendor back, they are given a different phone number with a different area code. Which
of the following attack types is this?
Which of the following attack types is this?
Purchasing receives an automated phone call from a bank asking to input and verify credit card
information. The phone number displayed on the caller ID matches the bank. Which of the
following attack types is this?
Which of the following account management practices does this help?
The IT department has set up a website with a series of questions to allow end users to reset their
own accounts. Which of the following account management practices does this help?
Which of the following authentication services should be used on this port by default?
An information bank has been established to store contacts, phone numbers and other records. A
UNIX application needs to connect to the index server using port 389. Which of the following
authentication services should be used on this port by default?
Which mitigation measure would detect and correct this?
An internal auditor is concerned with privilege creep that is associated with transfers inside the
company. Which mitigation measure would detect and correct this?
Which of the following is the default port for TFTP?
Which of the following is the default port for TFTP?
Which of the following concepts are included on the three sides of the “security triangle”?
Which of the following concepts are included on the three sides of the “security triangle”? (Select
THREE).