Which of the following lines in the user’s history log shows evidence that the user attempted to escape the
The security administrator is analyzing a user’s history file on a Unix server to determine if the
user was attempting to break out of a rootjail. Which of the following lines in the user’s history log
shows evidence that the user attempted to escape the rootjail?
Which of the following is the developer performing when testing the application?
A software development company has hired a programmer to develop a plug-in module to an
existing proprietary application. After completing the module, the developer needs to test the entire
application to ensure that the module did not introduce new vulnerabilities. Which of the following
is the developer performing when testing the application?
Which of the following technical controls must be implemented to enforce the corporate policy?
A security administrator must implement all requirements in the following corporate policy:
Passwords shall be protected against offline password brute force attacks.
Passwords shall be protected against online password brute force attacks.
Which of the following technical controls must be implemented to enforce the corporate policy?
(Select THREE).
Which of the following is a best practice for error and exception handling?
Which of the following is a best practice for error and exception handling?
Which of the following BEST protects the credit card data?
A merchant acquirer has the need to store credit card numbers in a transactional database in a
high performance environment. Which of the following BEST protects the credit card data?
Which of the following BEST protects the master password list?
A team of firewall administrators have access to a ‘master password list’ containing service
account passwords. Which of the following BEST protects the master password list?
Which of the following describes how this private key should be stored so that it is protected from theft?
An SSL/TLS private key is installed on a corporate web proxy in order to inspect HTTPS requests.
Which of the following describes how this private key should be stored so that it is protected from
theft?
Which of the following is the BEST approach to implement this process?
An insurance company requires an account recovery process so that information created by an
employee can be accessed after that employee is no longer with the firm. Which of the following is
the BEST approach to implement this process?
Which of the following is the BEST approach to implement this process?
A small company has a website that provides online customer support. The company requires an
account recovery process so that customers who forget their passwords can regain access. Which
of the following is the BEST approach to implement this process?
which will improve in-transit protection of transactional data?
A bank has a fleet of aging payment terminals used by merchants for transactional processing.
The terminals currently support single DES but require an upgrade in order to be compliant with
security standards. Which of the following is likely to be the simplest upgrade to the aging
terminals which will improve in-transit protection of transactional data?