While performing data validation of web content, a security technician is required to restrict
malicious input. Which of the following processes is an efficient way of restricting malicious input?

A technician is resolving an issue where a computer is unable to connect to the Internet using a
wireless access point. The computer is able to transfer files locally to other machines, but cannot
successfully reach the Internet. When the technician examines the IP address and default
gateway they are both on the 192.168.1.0/24. Which of the following has occurred?

A Network Administrator was recently promoted to Chief Security Officer at a local university. One
of employee’s new responsibilities is to manage the implementation of an RFID card access
system to a new server room on campus. The server room will house student enrollment
information that is securely backed up to an off-site location.
During a meeting with an outside consultant, the Chief Security Officer explains that he is
concerned that the existing security controls have not been designed properly. Currently, the
Network Administrator is responsible for approving and issuing RFID card access to the server
room, as well as reviewing the electronic access logs on a weekly basis.
Which of the following is an issue with the situation?

In the OSI model, where does PPTP encryption take place?

What is the main advantage that a network-based IDS/IPS system has over a host-based
solution?

An NMAP scan of a server shows port 25 is open. What risk could this pose?

Which of the following are variants of mandatory access control mechanisms? (Choose two.)

An attacker uses a communication channel within an operating system that is neither designed nor
intended to transfer information. What is the name of the communications channel?

Which of the following is used to indicate a single-line comment in structured query language
(SQL)?

What is the primary drawback to using advanced encryption standard (AES) algorithm with a 256
bit key to share sensitive data?