Which of the following consists of peer assessments that help identify security threats and vulnerabilities?
Which of the following consists of peer assessments that help identify security threats and
vulnerabilities?
Which of the following types of tests is this?
Ann is starting a disaster recovery program. She has gathered specifics and team members for a
meeting on site. Which of the following types of tests is this?
Which of the following is MOST likely the cause?
Pete, a security engineer, is trying to inventory all servers in a rack. The engineer launches RDP
sessions to five different PCs and notices that the hardware properties are similar. Additionally, the
MAC addresses of all five servers appear on the same switch port. Which of the following is MOST
likely the cause?
Which of the following types of password controls would achieve this goal?
An internal auditing team would like to strengthen the password policy to support special
characters. Which of the following types of password controls would achieve this goal?
Which of the following type of attacks is underway?
Sara, a security administrator, is noticing a slow down in the wireless network response. Sara
launches a wireless sniffer and sees a large number of ARP packets being sent to the AP. Which
of the following type of attacks is underway?
Which of the following can be implemented in hardware or software to protect a web server from cross-site scri
Which of the following can be implemented in hardware or software to protect a web server from
cross-site scripting attacks?
which of the following?
Pete, the security administrator, has been notified by the IDS that the company website is under
attack. Analysis of the web logs show the following string, indicating a user is trying to post a
comment on the public bulletin board.
INSERT INTO message ‘<script>source=http://evilsite</script>
This is an example of which of the following?
Which of the following practices should be implemented to help prevent race conditions, buffer overflows, and
Ann, the software security engineer, works for a major software vendor. Which of the following
practices should be implemented to help prevent race conditions, buffer overflows, and other
similar vulnerabilities prior to each production release?
which of the following?
Ann, a security analyst, is preparing for an upcoming security audit. To ensure that she identifies
unapplied security controls and patches without attacking or compromising the system, Ann would
use which of the following?
Which of the following techniques describes the use of application isolation during execution to prevent syste
Which of the following techniques describes the use of application isolation during execution to
prevent system compromise if the application is compromised?