Which of the following programs is usually targeted at Microsoft Office products?

What is the main difference between a “Normal” SQL Injection and a “Blind” SQL Injection
vulnerability?

Which of the following ensures that updates to policies, procedures, and configurations are made
in a controlled and documented fashion?

Data hiding analysis can be useful in

Smart cards use which protocol to transfer the certificate in a secure manner?

A company firewall engineer has configured a new DMZ to allow public systems to be located
away from the internal network. The engineer has three security zones set:
Untrust (Internet) – (Remote network = 217.77.88.0/24)
DMZ (DMZ) – (11.12.13.0/24)
Trust (Intranet) – (192.168.0.0/24)
The engineer wants to configure remote desktop access from a fixed IP on the remote network to
a remote desktop server in the DMZ. Which rule would best fit this requirement?

When comparing the testing methodologies of Open Web Application Security Project (OWASP)
and Open Source Security Testing Methodology Manual (OSSTMM) the main difference is

Which of the following is a protocol that is prone to a man-in-the-middle (MITM) attack and maps a
32-bit address to a 48-bit address?

Which NMAP feature can a tester implement or adjust while scanning for open ports to avoid
detection by the network’s IDS?

Windows file servers commonly hold sensitive files, databases, passwords and more. Which of
the following choices would be a common vulnerability that usually exposes them?