A newly discovered flaw in a software application would be considered which kind of security vulnerability?

What technique is used to perform a Connection Stream Parameter Pollution (CSPP) attack?

An attacker uses a communication channel within an operating system that is neither designed nor intended to
transfer information. What is the name of the communications channel?

WPA2 uses AES for wireless data encryption at which of the following encryption levels?

Which type of scan measures a person’s external features through a digital video camera?

A company has hired a security administrator to maintain and administer Linux and Windows-based systems.
Written in the nightly report file is the following:
Firewall log files are at the expected value of 4 MB. The current time is 12am. Exactly two hours later the size
has decreased considerably. Another hour goes by and the log files have shrunk in size again.
Which of the following actions should the security administrator take?

A security policy will be more accepted by employees if it is consistent and has the support of

Which of the following business challenges could be solved by using a vulnerability scanner?

Which of the following techniques does a vulnerability scanner use in order to detect a vulnerability on a target
service?

A network administrator received an administrative alert at 3:00 a.m. from the intrusion detection system. The
alert was generated because a large number of packets were coming into the network over ports 20 and 21.
During analysis, there were no signs of attack on the FTP servers. How should the administrator classify this
situation?