SY0-401 Exam Dumps | A security administrator develops a web page and limits input into the fields on the web page as well

<< Prev Question Next Question >>

Question 15/800

A security administrator develops a web page and limits input into the fields on the web page as well as
filters special characters in output.
Which of the following attacks is the administrator trying to prevent?

A. Spoofing

B. XSS

C. Fuzzing

D. Pharming

Question List (800q): Question 1: Which of the following is a requirement when implementing PK...; Question 2: A new security policy being implemented requires all email w...; Question 3: A user attempts to install new and relatively unknown softwa...; Question 4: After working on his doctoral dissertation for two years, Jo...; Question 5: Jane, a VPN administrator, was asked to implement an encrypt...; Question 6: Which of the following BEST describes a SQL Injection attack...; Question 7: The security manager must store a copy of a sensitive docume...; Question 8: Using a protocol analyzer, a security consultant was able to...; Question 9: A user attempting to log on to a workstation for the first t...; Question 10: Which of the following encompasses application patch managem...; Question 11: Which of the following is considered a risk management BEST ...; Question 12: A network administrator noticed various chain messages have ...; Question 13: In Kerberos, the Ticket Granting Ticket (TGT) is used for th...; Question 14: Jane has recently implemented a new network design at her or...; Question 15: A security administrator develops a web page and limits inpu...; Question 16: A security technician received notification of a remotely ex...; Question 17: A Human Resources user is issued a virtual desktop typically...; Question 18: A security administrator wants to test the reliability of an...; Question 19: A company is starting to allow employees to use their own pe...; Question 20: Users in the HR department were recently informed that they ...; Question 21: Which of the following is a control that allows a mobile app...; Question 22: A security administrator wants to check user password comple...; Question 23: A malicious individual used an unattended customer service k...; Question 24: Which of the following will help prevent smurf attacks?...; Question 25: Employee badges are encoded with a private encryption key an...; Question 26: An administrator notices an unusual spike in network traffic...; Question 27: Identifying residual is MOST important to which of the follo...; Question 28: Which of the following can only be mitigated through the use...; Question 29: Which of the following components MUST be trusted by all par...; Question 30: It has been discovered that students are using kiosk tablets...; Question 31: Which of the following is the BEST way to prevent Cross-Site...; Question 32: An administrator is investigating a system that may potentia...; Question 33: A company would like to take electronic orders from a partne...; Question 34: Joe, a company's network engineer, is concerned that protoco...; Question 35: Which of the following is an important step in the initial s...; Question 36: A database administrator would like to start encrypting data...; Question 37: A computer is suspected of being compromised by malware. The...; Question 38: Which of the following BEST describes part of the PKI proces...; Question 39: While an Internet café a malicious user is causing all surro...; Question 40: Which of the following would provide the STRONGEST encryptio...; Question 41: One of the findings of risk assessment is that many of the s...; Question 42: Vendors typically ship software applications with security s...; Question 43: A small company has recently purchased cell phones for manag...; Question 44: Which of the following should be enabled in a laptop's BIOS ...; Question 45: Users require access to a certain server depending on their ...; Question 46: Joe has read and write access to his own home directory. Joe...; Question 47: Matt, an IT administrator, wants to protect a newly built se...; Question 48: Which of the following is the BEST practice when dealing wit...; Question 49: Which of the following tools would allow Ann, the security a...; Question 50: A security administrator at a company which implements key e...; Question 51: Which of the following can BEST help prevent cross-site scri...; Question 52: When an order was submitted via the corporate website, an ad...; Question 53: A network administrator has a separate user account with rig...; Question 54: One of the senior managers at a company called the help desk...; Question 55: After a security incident involving a physical asset, which ...; Question 56: Which of the following solutions provides the most flexibili...; Question 57: Company XYZ has encountered an increased amount of buffer ov...; Question 58: A company executive's laptop was compromised, leading to a s...; Question 59: Which of the following would be used to identify the securit...; Question 60: Which of the following techniques describes the use of appli...; Question 61: Which of the following is used to certify intermediate autho...; Question 62: HOTSPOT Select the appropriate attack from each drop down li...; Question 63: Which of the following would an attacker use to generate and...; Question 64: Prior to leaving for an extended vacation, Joe uses his mobi...; Question 65: Which of the following devices is BEST suited for servers th...; Question 66: The security administrator is observing unusual network beha...; Question 67: Which of the following attacks impact the availability of a ...; Question 68: Which of the following is the MOST likely cause of users bei...; Question 69: During a security assessment, an administrator wishes to see...; Question 70: Which of the following access controls enforces permissions ...; Question 71: Ann a network administrator has been tasked with strengtheni...; Question 72: During a routine audit a web server is flagged for allowing ...; Question 73: The security administrator is analyzing a user's history fil...; Question 74: Which of the following would a security administrator implem...; Question 75: Mike, a security professional, is tasked with actively verif...; Question 76: Which of the following is an example of a false positive?...; Question 77: Ann, a security administrator, is strengthening the security...; Question 78: Which of the following is the difference between identificat...; Question 79: Which of the following provides dedicated hardware-based cry...; Question 80: The string: ' or 1=1-- - Which of the following represents i...; Question 81: Which of the following steps of incident response does a tea...; Question 82: Data execution prevention is a feature in most operating sys...; Question 83: The system administrator is tasked with changing the adminis...; Question 84: On a train, an individual is watching a proprietary video on...; Question 85: Which of the following attacks could be used to initiate a s...; Question 86: A recent audit has discovered that at the time of password e...; Question 87: An administrator notices that former temporary employees' ac...; Question 88: After analyzing and correlating activity from multiple senso...; Question 89: Which of the following represents a cryptographic solution w...; Question 90: Vendors typically ship software applications with security s...; Question 91: Ann a security technician receives a report from a user that...; Question 92: The librarian wants to secure the public Internet kiosk PCs ...; Question 93: An attacker attempted to compromise a web form by inserting ...; Question 94: Certificates are used for: (Choose two.)...; Question 95: Allowing unauthorized removable devices to connect to comput...; Question 96: Establishing a method to erase or clear cluster tips is an e...; Question 97: An administrator is instructed to disable IP-directed broadc...; Question 98: Which of the following describes how Sara, an attacker, can ...; Question 99: A software development company wants to implement a digital ...; Question 100: The access control list (ACL) for a file on a server is as f...; Question 101: An encrypted message is sent using PKI from Sara, a client, ...; Question 102: Users report that they are unable to access network printing...; Question 103: The ore-sales engineering team needs to quickly provide accu...; Question 104: Joe is the accounts payable agent for ABC Company. Joe has b...; Question 105: Company XYZ recently salvaged company laptops and removed al...; Question 106: Which of the following authentication services combines auth...; Question 107: Which of the following types of security controls are visibl...; Question 108: Which of the following MUST be updated immediately when an e...; Question 109: An employee needs to connect to a server using a secure prot...; Question 110: Which of the following would be MOST appropriate if an organ...; Question 111: Sara, a security administrator, manually hashes all network ...; Question 112: A security administrator has concerns that employees are ins...; Question 113: A company is about to release a very large patch to its cust...; Question 114: A company has been attacked and their website has been alter...; Question 115: Some customers have reported receiving an untrusted certific...; Question 116: Maintenance workers find an active network switch hidden abo...; Question 117: A company hosts its public websites internally. The administ...; Question 118: During a disaster recovery planning session, a security admi...; Question 119: Which of the following is a hardware-based security technolo...; Question 120: A security assurance officer is preparing a plan to measure ...; Question 121: Public key certificates and keys that are compromised or wer...; Question 122: A large corporation has data centers geographically distribu...; Question 123: Which of the following types of security services are used t...; Question 124: The security manager reports that the process of revoking ce...; Question 125: Which of the following should be done before resetting a use...; Question 126: Which of the following means a password history value of thr...; Question 127: Users are utilizing thumb drives to connect to USB ports on ...; Question 128: In order to use a two-way trust model the security administr...; Question 129: Sara, a user, downloads a keygen to install pirated software...; Question 130: During an anonymous penetration test, Jane, a system adminis...; Question 131: Which of the following was launched against a company based ...; Question 132: A system administrator is notified by a staff member that th...; Question 133: A company's password and authentication policies prohibit th...; Question 134: Which of the following offers the LEAST secure encryption ca...; Question 135: Which of the following was based on a previous X.500 specifi...; Question 136: Which of the following controls can be implemented together ...; Question 137: Which of the following will allow Pete, a security analyst, ...; Question 138: Company employees are required to have workstation client ce...; Question 139: Digital signatures are used for ensuring which of the follow...; Question 140: After a company has standardized to a single operating syste...; Question 141: Which of the following authentication services should be rep...; Question 142: Which of the following malware types may require user intera...; Question 143: A security technician at a small business is worried about t...; Question 144: After visiting a website, a user receives an email thanking ...; Question 145: Two programmers write a new secure application for the human...; Question 146: An administrator finds that non-production servers are being...; Question 147: The Chief Security Officer (CSO) for a datacenter in a hosti...; Question 148: Which of the following network devices is used to analyze tr...; Question 149: Which of the following incident response plan steps would MO...; Question 150: A large multinational corporation with networks in 30 countr...; Question 151: During the information gathering stage of a deploying role-b...; Question 152: Ann, the security administrator, wishes to implement multifa...; Question 153: The marketing department wants to distribute pens with embed...; Question 154: A small company has recently purchased cell phones for manag...; Question 155: Which of the following attacks involves the use of previousl...; Question 156: A system administrator has noticed network performance issue...; Question 157: How must user accounts for exiting employees be handled?...; Question 158: A company needs to receive data that contains personally ide...; Question 159: Human Resources suspects an employee is accessing the employ...; Question 160: A network technician is configuring clients for VLAN access....; Question 161: What is a system that is intended or designed to be broken i...; Question 162: Several employee accounts appear to have been cracked by an ...; Question 163: Sara, a hacker, is completing a website form to request a fr...; Question 164: The security department has implemented a new laptop encrypt...; Question 165: An administrator is concerned that a company's web server ha...; Question 166: A company needs to provide web-based access to shared data s...; Question 167: A periodic update that corrects problems in one version of a...; Question 168: A company wants to prevent end users from plugging unapprove...; Question 169: Highly sensitive data is stored in a database and is accesse...; Question 170: Ann, the software security engineer, works for a major softw...; Question 171: In order to enter a high-security datacenter, users are requ...; Question 172: A systems administrator has implemented PKI on a classified ...; Question 173: An administrator has a network subnet dedicated to a group o...; Question 174: After Ann, a user, logs into her banking websites she has ac...; Question 175: An SSL/TLS private key is installed on a corporate web proxy...; Question 176: Which of the following assessment techniques would a securit...; Question 177: Jane, a security administrator, has been tasked with explain...; Question 178: Which of the following is mainly used for remote access into...; Question 179: In order to maintain oversight of a third party service prov...; Question 180: Which of the following is an important implementation consid...; Question 181: A new virtual server was created for the marketing departmen...; Question 182: A large bank has moved back office operations offshore to an...; Question 183: A security administrator suspects that an employee in the IT...; Question 184: Suspicious traffic without a specific signature was detected...; Question 185: Which of the following is true about PKI? (Choose two.)...; Question 186: DRAG DROP A security administrator is given the security and...; Question 187: A network administrator is configuring access control for th...; Question 188: Internet banking customers currently use an account number a...; Question 189: Physical documents must be incinerated after a set retention...; Question 190: The finance department just procured a software application ...; Question 191: Which of the following is the BEST technology for the sender...; Question 192: A company has purchased an application that integrates into ...; Question 193: A recently installed application update caused a vital appli...; Question 194: Which of the following could cause a browser to display the ...; Question 195: An administrator needs to submit a new CSR to a CA. Which of...; Question 196: RC4 is a strong encryption protocol that is generally used w...; Question 197: Which of the following can be used on a smartphone to BEST p...; Question 198: Which of the following tests a number of security controls i...; Question 199: Joe, a web developer, wants to make sure his application is ...; Question 200: Matt, a security consultant, has been tasked with increasing...; Question 201: The IT department has setup a website with a series of quest...; Question 202: A technician wants to implement a dual factor authentication...; Question 203: A resent OS patch caused an extended outage. It took the IT ...; Question 204: Jane, an individual, has recently been calling various finan...; Question 205: An organization has a need for security control that identif...; Question 206: A Chief Information Security Officer (CISO) wants to impleme...; Question 207: A security administrator is auditing a database server to en...; Question 208: A security administrator wants to block unauthorized access ...; Question 209: Which of the following MOST interferes with network-based de...; Question 210: Company A submitted a bid on a contract to do work for Compa...; Question 211: A new security analyst is given the task of determining whet...; Question 212: Which of the following access methods uses radio frequency w...; Question 213: A CA is compromised and attacks start distributing malicious...; Question 214: Which of the following is characterized by an attacker attem...; Question 215: Which of the following types of logs could provide clues tha...; Question 216: Which of the following is an indication of an ongoing curren...; Question 217: An administrator needs to renew a certificate for a web serv...; Question 218: A company needs to receive data that contains personally ide...; Question 219: After encrypting all laptop hard drives, an executive office...; Question 220: A company hired Joe, an accountant. The IT administrator wil...; Question 221: A video surveillance audit recently uncovered that an employ...; Question 222: While working on a new project a security administrator want...; Question 223: A security administrator must implement a network that is im...; Question 224: A user has forgotten their account password. Which of the fo...; Question 225: A corporation has experienced several media leaks of proprie...; Question 226: Each server on a subnet is configured to only allow SSH acce...; Question 227: Which of the following is an important step in the initial s...; Question 228: Without validating user input, an application becomes vulner...; Question 229: Which of the following is the BEST method for ensuring all f...; Question 230: Which of the following is the BEST way to prevent Cross-Site...; Question 231: Mike, a user, states that he is receiving several unwanted e...; Question 232: The security consultant is assigned to test a client's new s...; Question 233: An internal auditing team would like to strengthen the passw...; Question 234: Which of the following can be implemented in hardware or sof...; Question 235: An administrator uses a server with a trusted OS and is conf...; Question 236: Use of group accounts should be minimized to ensure the foll...; Question 237: Which of the following can be used to mitigate risk if a mob...; Question 238: A hospital IT department wanted to secure its doctor's table...; Question 239: Which of the following types of wireless attacks would be us...; Question 240: Which of the following allows a company to maintain access t...; Question 241: Ann has taken over as the new head of the IT department. One...; Question 242: When employees that use certificates leave the company they ...; Question 243: Which of the following would MOST likely involve GPS?...; Question 244: A security administrator wants to deploy security controls t...; Question 245: The chief Risk officer is concerned about the new employee B...; Question 246: A company hires outside security experts to evaluate the sec...; Question 247: Identifying a list of all approved software on a system is a...; Question 248: Joe needs to track employees who log into a confidential dat...; Question 249: A security administrator needs a locally stored record to re...; Question 250: One of the servers on the network stops responding due to la...; Question 251: A security administrator must implement a system to allow cl...; Question 252: A company requires that all users enroll in the corporate PK...; Question 253: A security administrator must implement a wireless encryptio...; Question 254: Which of the following techniques can be used to prevent the...; Question 255: An email client says a digital signature is invalid and the ...; Question 256: A CRL is comprised of.; Question 257: A software development company has hired a programmer to dev...; Question 258: Which of the following provides Digital Signatures?...; Question 259: Which of the following security benefits would be gained by ...; Question 260: A security specialist has been asked to evaluate a corporate...; Question 261: A security administrator is reviewing the below output from ...; Question 262: An administrator has successfully implemented SSL on srv4.co...; Question 263: Which of the following protocols is the security administrat...; Question 264: Which of the following is used to verify data integrity?...; Question 265: Joe, a user, wants to protect sensitive information stored o...; Question 266: Which of the following is described as an attack against an ...; Question 267: Which of the following is the practice of marking open wirel...; Question 268: Pete, an employee, is terminated from the company and the le...; Question 269: During an audit, the security administrator discovers that t...; Question 270: Which of the following does full disk encryption prevent?...; Question 271: Which of the following MUST Matt, a security administrator, ...; Question 272: A program has been discovered that infects a critical Window...; Question 273: Company A sends a PGP encrypted file to company B. If compan...; Question 274: A team of firewall administrators have access to a `master p...; Question 275: Given the following list of corporate access points, which o...; Question 276: ABC company has a lot of contractors working for them. The p...; Question 277: An administrator has two servers and wants them to communica...; Question 278: A security administrator wants to get a real time look at wh...; Question 279: Which of the following authentication provides users XML for...; Question 280: Which of the following password attacks is MOST likely to cr...; Question 281: A user has plugged in a wireless router from home with defau...; Question 282: Pete, an employee, needs a certificate to encrypt data. Whic...; Question 283: Which of the following is an XML based open standard used in...; Question 284: Which of the following is the below pseudo-code an example o...; Question 285: Matt, a security administrator, wants to ensure that the mes...; Question 286: Ann, a security analyst, is preparing for an upcoming securi...; Question 287: Which of the following explains the difference between a pub...; Question 288: A security administrator has been tasked with setting up a n...; Question 289: The BEST methods for a web developer to prevent the website ...; Question 290: Users can authenticate to a company's web applications using...; Question 291: A security technician is working with the network firewall t...; Question 292: Pete, the system administrator, has concerns regarding users...; Question 293: A user attempts to install a new and relatively unknown soft...; Question 294: A new intern was assigned to the system engineering departme...; Question 295: An IT auditor tests an application as an authenticated user....; Question 296: While opening an email attachment, Pete, a customer, receive...; Question 297: Which of the following MOST interferes with network-based de...; Question 298: A technician is reviewing the logical access control method ...; Question 299: Joe, an employee, was escorted from the company premises due...; Question 300: An insurance company requires an account recovery process so...; Question 301: A security administrator is concerned about the strength of ...; Question 302: An organization has introduced token-based authentication to...; Question 303: Which of the following types of cloud computing would be MOS...; Question 304: A bank has recently deployed mobile tablets to all loan offi...; Question 305: The chief Risk officer is concerned about the new employee B...; Question 306: Which of the following can a security administrator implemen...; Question 307: Which of the following is replayed during wireless authentic...; Question 308: A company's employees were victims of a spear phishing campa...; Question 309: A new web server has been provisioned at a third party hosti...; Question 310: Which of the following are examples of detective controls?...; Question 311: Which of the following software allows a network administrat...; Question 312: Matt, the Chief Information Security Officer (CISO), tells t...; Question 313: Which of the following should be used when a business needs ...; Question 314: One month after a software developer was terminated, the hel...; Question 315: Which of the following are examples of network segmentation?...; Question 316: Which of the following hardware based encryption devices is ...; Question 317: Which of the following provides RADIUS?...; Question 318: Which of the following can be used as an equipment theft det...; Question 319: Methods to test the responses of software and web applicatio...; Question 320: Disabling unnecessary services, restricting administrative a...; Question 321: Which of the following attacks targets high level executives...; Question 322: A recent audit has revealed weaknesses in the process of dep...; Question 323: When designing a corporate NAC solution, which of the follow...; Question 324: A company requires that a user's credentials include providi...; Question 325: Which of the following wireless security measures can an att...; Question 326: A security manager requires fencing around the perimeter, an...; Question 327: Which of the following can be used to maintain a higher leve...; Question 328: Which of the following describes purposefully injecting extr...; Question 329: Which of the following uses both a public and private key?...; Question 330: A way to assure data at-rest is secure even in the event of ...; Question 331: The IT department has set up a share point site to be used o...; Question 332: A password audit has revealed that a significant percentage ...; Question 333: The help desk is experiencing a higher than normal amount of...; Question 334: A user was reissued a smart card after the previous smart ca...; Question 335: The call center supervisor has reported that many employees ...; Question 336: Use of a smart card to authenticate remote servers remains M...; Question 337: After a security incident involving a physical asset, which ...; Question 338: The Quality Assurance team is testing a new third party deve...; Question 339: A computer is suspected of being compromised by malware. The...; Question 340: Which of the following allows an organization to store a sen...; Question 341: Which of the following is synonymous with a server's certifi...; Question 342: A financial company requires a new private network link with...; Question 343: A new MPLS network link has been established between a compa...; Question 344: Pete, the compliance manager, wants to meet regulations. Pet...; Question 345: Which of the following describes a type of malware which is ...; Question 346: Due to hardware limitation, a technician must implement a wi...; Question 347: Which of the following may cause Jane, the security administ...; Question 348: A bank has a fleet of aging payment terminals used by mercha...; Question 349: A network administrator is responsible for securing applicat...; Question 350: SIMULATION A security administrator discovers that an attack...; Question 351: Which of the following is commonly LDAP and Kerberos used fo...; Question 352: The Chief Security Officer (CSO) is contacted by a first res...; Question 353: A new application needs to be deployed on a virtual server. ...; Question 354: A business has set up a Customer Service kiosk within a shop...; Question 355: Access mechanisms to data on encrypted USB hard drives must ...; Question 356: A company's security administrator wants to manage PKI for i...; Question 357: Matt, an administrator, is concerned about the wireless netw...; Question 358: While setting up a secure wireless corporate network, which ...; Question 359: The security administrator installed a newly generated SSL c...; Question 360: Joe, a user, reports to the system administrator that he is ...; Question 361: Which of the following is a measure of biometrics performanc...; Question 362: Which of the following is a common coding error in which bou...; Question 363: A group policy requires users in an organization to use stro...; Question 364: Which of the following devices will help prevent a laptop fr...; Question 365: A user commuting to work via public transport received an of...; Question 366: Ann, a software developer, has installed some code to reacti...; Question 367: How often, at a MINIMUM, should Sara, an administrator, revi...; Question 368: Sara, an attacker, is recording a person typing in their ID ...; Question 369: Pete, the security administrator, has been notified by the I...; Question 370: Which of the following allows lower level domains to access ...; Question 371: Which of the following can use RC4 for encryption? (Choose t...; Question 372: Which of the following provides a user ID and password toget...; Question 373: Which of the following is true about an email that was signe...; Question 374: A network administrator has identified port 21 being open an...; Question 375: A security administrator looking through IDS logs notices th...; Question 376: A security administrator wants to ensure that the message th...; Question 377: A company wants to ensure that all aspects if data are prote...; Question 378: Which of the following is a vulnerability associated with di...; Question 379: Verifying the integrity of data submitted to a computer prog...; Question 380: Attempting to inject 50 alphanumeric key strokes including s...; Question 381: Which of the following is built into the hardware of most la...; Question 382: Using a heuristic system to detect an anomaly in a computer'...; Question 383: A security administrator is aware that a portion of the comp...; Question 384: Which of the following would prevent a user from installing ...; Question 385: A technician wants to verify the authenticity of the system ...; Question 386: Which of the following can be implemented with multiple bit ...; Question 387: Which of the following types of authentication packages user...; Question 388: A security technician has been asked to recommend an authent...; Question 389: Which of the following would Jane, an administrator, use to ...; Question 390: An administrator wants to ensure that the reclaimed space of...; Question 391: A system security analyst using an enterprise monitoring too...; Question 392: A security administrator is designing an access control syst...; Question 393: An administrator has advised against the use of Bluetooth ph...; Question 394: Which of the following types of attacks is based on coordina...; Question 395: Ann, the Chief Technology Officer (CTO), has agreed to allow...; Question 396: A network administrator is looking for a way to automaticall...; Question 397: The librarian wants to secure the public Internet kiosk PCs ...; Question 398: An attacker crafts a message that appears to be from a trust...; Question 399: Which of the following, if properly implemented, would preve...; Question 400: An administrator finds that non-production servers are being...; Question 401: A company recently experienced data loss when a server crash...; Question 402: A user has several random browser windows opening on their c...; Question 403: During a penetration test from the Internet, Jane, the syste...; Question 404: Timestamps and sequence numbers act as countermeasures again...; Question 405: A security administrator must implement all requirements in ...; Question 406: Which of the following is a notification that an unusual con...; Question 407: A system administrator has noticed vulnerability on a high i...; Question 408: A company is about to release a very large patch to its cust...; Question 409: Which of the following is BEST utilized to identify common m...; Question 410: A recent spike in virus detections has been attributed to en...; Question 411: Which of the following types of encryption will help in prot...; Question 412: A security technician is attempting to improve the overall s...; Question 413: Which of the following is a vulnerability associated with di...; Question 414: Which of the following types of data encryption would Matt, ...; Question 415: A security analyst performs the following activities: monito...; Question 416: The recovery agent is used to recover the:...; Question 417: Which of the following would a security administrator implem...; Question 418: Joe analyzed the following log and determined the security t...; Question 419: Which of the following is the term for a fix for a known sof...; Question 420: A program displays: ERROR: this program has caught an except...; Question 421: A computer is found to be infected with malware and a techni...; Question 422: An IT security technician is actively involved in identifyin...; Question 423: Which of the following allows a network administrator to imp...; Question 424: A server administrator notes that a fully patched applicatio...; Question 425: Which of the following would be a reason for developers to u...; Question 426: An administrator is building a development environment and r...; Question 427: Which of the following types of application attacks would be...; Question 428: Pete, the compliance manager, wants to meet regulations. Pet...; Question 429: A Company has recently identified critical systems that supp...; Question 430: Which of the following is true about the CRL?...; Question 431: A user has unknowingly gone to a fraudulent site. The securi...; Question 432: Two organizations want to share sensitive data with one anot...; Question 433: The company's sales team plans to work late to provide the C...; Question 434: The IT department has installed new wireless access points b...; Question 435: Joe, an application developer, is building an external facin...; Question 436: A security administrator is investigating a recent server br...; Question 437: To ensure compatibility with their flagship product, the sec...; Question 438: A company wants to ensure that all credentials for various s...; Question 439: Which of the following describes the process of removing unn...; Question 440: A security manager installed a standalone fingerprint reader...; Question 441: A new mobile banking application is being developed and uses...; Question 442: Which of the following should a security technician implemen...; Question 443: Pete, a security analyst, has been tasked with explaining th...; Question 444: The software developer is responsible for writing the code a...; Question 445: Purchasing receives an automated phone call from a bank aski...; Question 446: Full disk encryption is MOST effective against the following...; Question 447: An organization is required to log all user internet activit...; Question 448: Which of the following types of attacks involves interceptio...; Question 449: Ann, a security analyst, has discovered that her company has...; Question 450: Which of the following BEST describes the type of attack tha...; Question 451: In order to enter a high-security data center, users are req...; Question 452: A process in which the functionality of an application is te...; Question 453: Which of the following can a security administrator implemen...; Question 454: A security administrator has installed a new KDC for the cor...; Question 455: An investigator recently discovered that an attacker placed ...; Question 456: Joe must send Ann a message and provide Ann with assurance t...; Question 457: An organization processes credit card transactions and is co...; Question 458: Matt, a forensic analyst, wants to obtain the digital finger...; Question 459: Which of the following data security techniques will allow M...; Question 460: The security administrator runs an rpm verify command which ...; Question 461: Which of the following technologies was developed to allow c...; Question 462: Which of the following provides the HIGHEST level of confide...; Question 463: Users have been reporting that their wireless access point i...; Question 464: The fundamental information security principals include conf...; Question 465: The information security technician wants to ensure security...; Question 466: Sara, an application developer, implemented error and except...; Question 467: Which of the following is an attack designed to activate bas...; Question 468: A security administrator has implemented a policy to prevent...; Question 469: A malicious individual is attempting to write too much data ...; Question 470: Which of the following can Joe, a security administrator, im...; Question 471: Although a vulnerability scan report shows no vulnerabilitie...; Question 472: Joe, a user, in a coffee shop is checking his email over a w...; Question 473: A user reports being unable to access a file on a network sh...; Question 474: Users report that after downloading several applications, th...; Question 475: An agent wants to create fast and efficient cryptographic ke...; Question 476: The finance department works with a bank which has recently ...; Question 477: Which of the following can be used to ensure digital certifi...; Question 478: Which of the following must be kept secret for a public key ...; Question 479: Ann, a security administrator, wishes to replace their RADIU...; Question 480: A server administrator notes that a legacy application often...; Question 481: Which of the following is a way to implement a technical con...; Question 482: Which of the following is a penetration testing method?...; Question 483: A merchant acquirer has the need to store credit card number...; Question 484: The process of making certain that an entity (operating syst...; Question 485: A security administrator has been tasked to ensure access to...; Question 486: Which of the following protocols is vulnerable to man-in-the...; Question 487: A computer security officer has investigated a possible data...; Question 488: A security administrator discovers an image file that has se...; Question 489: Which of the following services are used to support authenti...; Question 490: DRAG DROP Determine the types of attacks below by selecting ...; Question 491: A company has just deployed a centralized event log storage ...; Question 492: Users are trying to communicate with a network but are unabl...; Question 493: The public key is used to perform the following: (Choose thr...; Question 494: When reviewing a digital certificate for accuracy, which of ...; Question 495: Which of the following is an authentication method that can ...; Question 496: In an environment where availability is critical such as Ind...; Question 497: Which of the following tools would a security administrator ...; Question 498: Ann, the network administrator, has learned from the helpdes...; Question 499: Which of the following security concepts identifies input va...; Question 500: Which of the following authentication protocols makes use of...; Question 501: A security administrator wants to deploy security controls t...; Question 502: An administrator is assigned to monitor servers in a data ce...; Question 503: Which of the following can be used as an equipment theft det...; Question 504: Which of the following practices is used to mitigate a known...; Question 505: Which of the following can be used by a security administrat...; Question 506: A company has recently allowed employees to take advantage o...; Question 507: Identifying a list of all approved software on a system is a...; Question 508: Which of the following is replayed during wireless authentic...; Question 509: Which of the following is true about input validation in a c...; Question 510: Which of the following is public keys used for?...; Question 511: Which statement is TRUE about the operation of a packet snif...; Question 512: Which of the following ciphers would be BEST used to encrypt...; Question 513: The information security technician wants to ensure security...; Question 514: A way to assure data at-rest is secure even in the event of ...; Question 515: A security administrator is notified that users attached to ...; Question 516: Which of the following controls mitigates the risk of Matt, ...; Question 517: A system administrator is setting up a file transfer server....; Question 518: The security team would like to gather intelligence about th...; Question 519: Joe, an employee is taking a taxi through a busy city and st...; Question 520: Which of the following password attacks involves attempting ...; Question 521: Which of the following protocols encapsulates an IP packet w...; Question 522: Matt, a security analyst, needs to select an asymmetric encr...; Question 523: A security administrator forgets their card to access the se...; Question 524: Which of the following application attacks is used to gain a...; Question 525: A system administrator is configuring shared secrets on serv...; Question 526: A system administrator needs to ensure that certain departme...; Question 527: In order for Sara, a client, to logon to her desktop compute...; Question 528: After Matt, a user, enters his username and password at the ...; Question 529: Which of the following does full disk encryption prevent?...; Question 530: Which of the following authentication methods can use the SC...; Question 531: Each server on a subnet is configured to only allow SSH acce...; Question 532: Purchasing receives a phone call from a vendor asking for a ...; Question 533: Which of the following would be used when a higher level of ...; Question 534: A security manager must remain aware of the security posture...; Question 535: The Chief Information Officer (CIO) receives an anonymous th...; Question 536: A network administrator identifies sensitive files being tra...; Question 537: Which of the following wireless protocols could be vulnerabl...; Question 538: A system administrator wants to confidentially send a user n...; Question 539: Which of the following types of trust models is used by a PK...; Question 540: In PKI, a key pair consists of: (Choose two.)...; Question 541: Which of the following types of authentication solutions use...; Question 542: Recent data loss on financial servers due to security breach...; Question 543: The call center supervisor has reported that many employees ...; Question 544: Which of the following techniques describes the use of appli...; Question 545: Sara, a security manager, has decided to force expiration of...; Question 546: A security administrator examines a network session to a com...; Question 547: Which of the following is MOST critical in protecting contro...; Question 548: Which of the following is the best practice to put at the en...; Question 549: Joe, an administrator, installs a web server on the Internet...; Question 550: A network inventory discovery application requires non-privi...; Question 551: Which of the following would Matt, a security administrator,...; Question 552: A system administrator is using a packet sniffer to troubles...; Question 553: A security administrator wants to implement a solution which...; Question 554: Which of the following must a user implement if they want to...; Question 555: Which of the following would BEST deter an attacker trying t...; Question 556: Which of the following encompasses application patch managem...; Question 557: An organization must implement controls to protect the confi...; Question 558: Which of the following provides the strongest authentication...; Question 559: A small company wants to employ PKI. The company wants a cos...; Question 560: Pete, the system administrator, has concerns regarding users...; Question 561: The Chief Executive Officer (CEO) receives a suspicious voic...; Question 562: Various employees have lost valuable customer data due to ha...; Question 563: Which of the following would be used as a secure substitute ...; Question 564: Which of the following has a storage root key?...; Question 565: Which of the following describes the process of removing unn...; Question 566: A system administrator has made several unauthorized changes...; Question 567: A network administrator uses an RFID card to enter the datac...; Question 568: Sara, a security engineer, is testing encryption ciphers for...; Question 569: Which of the following practices is used to mitigate a known...; Question 570: A cafe provides laptops for Internet access to their custome...; Question 571: Which of the following is a concern when encrypting wireless...; Question 572: A software firm posts patches and updates to a publicly acce...; Question 573: Which of the following implementation steps would be appropr...; Question 574: Which of the following is an authentication and accounting s...; Question 575: Which of the following BEST allows Pete, a security administ...; Question 576: A security administrator needs to determine which system a p...; Question 577: Which of the following would a security administrator implem...; Question 578: The system administrator notices that many employees are usi...; Question 579: Which of the following would prevent a user from installing ...; Question 580: Which of the following BEST explains Platform as a Service?...; Question 581: Which of the following controls would allow a company to red...; Question 582: All executive officers have changed their monitor location s...; Question 583: HOTSPOT For each of the given items, select the appropriate ...; Question 584: Which of the following is used by the recipient of a digital...; Question 585: An administrator is building a development environment and r...; Question 586: Which of the following design components is used to isolate ...; Question 587: Ann is traveling for business and is attempting to use the h...; Question 588: Which of the following BEST describes using a smart card and...; Question 589: Using proximity card readers instead of the traditional key ...; Question 590: Which of the following BEST represents the goal of a vulnera...; Question 591: Pete, a developer, writes an application. Jane, the security...; Question 592: A network engineer is configuring a VPN tunnel connecting a ...; Question 593: A quality assurance analyst is reviewing a new software prod...; Question 594: A system administrator has noticed that users change their p...; Question 595: A system administrator is configuring UNIX accounts to authe...; Question 596: An administrator was asked to review user accounts. Which of...; Question 597: Which of the following are restricted to 64-bit block sizes?...; Question 598: Which of the following should Matt, a security administrator...; Question 599: Which of the following is an authentication service that use...; Question 600: If Organization A trusts Organization B and Organization B t...; Question 601: During a recent investigation, an auditor discovered that an...; Question 602: Matt, a developer, recently attended a workshop on a new app...; Question 603: Jane, an IT security technician, needs to create a way to se...; Question 604: Which of the following attacks allows access to contact list...; Question 605: Joe, a technician, is tasked with finding a way to test oper...; Question 606: A database administrator receives a call on an outside telep...; Question 607: Which of the following file systems is from Microsoft and wa...; Question 608: The system administrator is reviewing the following logs fro...; Question 609: Fuzzing is a security assessment technique that allows teste...; Question 610: Joe, the system administrator, is setting up a wireless netw...; Question 611: Deploying a wildcard certificate is one strategy to:...; Question 612: After an audit, it was discovered that an account was not di...; Question 613: Allowing unauthorized removable devices to connect to comput...; Question 614: A server with the IP address of 10.10.2.4 has been having in...; Question 615: A technician wants to secure communication to the corporate ...; Question 616: Users are encouraged to click on a link in an email to obtai...; Question 617: Which of the following helps to establish an accurate timeli...; Question 618: The Chief Technology Officer (CTO) wants to improve security...; Question 619: Which of the following devices would be the MOST efficient w...; Question 620: Which of the following is an advantage of implementing indiv...; Question 621: Which of the following malware types is MOST likely to execu...; Question 622: An auditing team has found that passwords do not meet the be...; Question 623: Which of the following actions in PKI takes a certificate au...; Question 624: Which of the following passwords is the LEAST complex?...; Question 625: An application developer has tested some of the known exploi...; Question 626: An employee's mobile device associates with the company's gu...; Question 627: Ann works at a small company and she is concerned that there...; Question 628: Which of the following protocols is used to validate whether...; Question 629: Prior to leaving for an extended vacation, Joe uses his mobi...; Question 630: A security analyst discovered data such as images and word d...; Question 631: When using PGP, which of the following should the end user p...; Question 632: Joe, the information security manager, is tasked with calcul...; Question 633: The Chief Information Security Officer (CISO) is concerned t...; Question 634: A security administrator wants to perform routine tests on t...; Question 635: An administrator has concerns regarding the company's server...; Question 636: Which of the following documents outlines the technical and ...; Question 637: After visiting a website, a user receives an email thanking ...; Question 638: When creating a public / private key pair, for which of the ...; Question 639: Which of the following can be implemented if a security admi...; Question 640: A security engineer is asked by the company's development te...; Question 641: To protect corporate data on removable media, a security pol...; Question 642: Which of the following devices is used for the transparent s...; Question 643: Jane, an IT security technician, needs to create a way to se...; Question 644: Which of the following solutions provides the most flexibili...; Question 645: Which of the following should a company implement to BEST mi...; Question 646: A systems engineer has been presented with storage performan...; Question 647: Pete, the security engineer, would like to prevent wireless ...; Question 648: Which of the following controls can be implemented together ...; Question 649: A periodic update that corrects problems in one version of a...; Question 650: Which of the following common access control models is commo...; Question 651: The system administrator wishes to implement a hardware-base...; Question 652: Which of the following can be performed when an element of t...; Question 653: Which of the following application security testing techniqu...; Question 654: A bank has recently deployed mobile tablets to all loan offi...; Question 655: Which of the following authentication services requires the ...; Question 656: One of the most consistently reported software security vuln...; Question 657: A set of standardized system images with a pre-defined set o...; Question 658: An IT security technician needs to establish host based secu...; Question 659: An administrator has to determine host operating systems on ...; Question 660: Which of the following symmetric key algorithms are examples...; Question 661: A technician has implemented a system in which all workstati...; Question 662: The process of making certain that an entity (operating syst...; Question 663: Which of the following is BEST utilized to actively test sec...; Question 664: An administrator discovers that many users have used their s...; Question 665: Which of the following cryptographic algorithms is MOST ofte...; Question 666: Joe, a user, wants to send an encrypted email to Ann. Which ...; Question 667: Pete's corporation has outsourced help desk services to a la...; Question 668: Which of the following documents outlines the responsibility...; Question 669: Which of the following is the MOST intrusive type of testing...; Question 670: Several users report to the administrator that they are havi...; Question 671: Which of the following security architecture elements also h...; Question 672: Jane, a security administrator, needs to implement a secure ...; Question 673: An IT security technician needs to establish host based secu...; Question 674: A network analyst received a number of reports that imperson...; Question 675: A distributed denial of service attack can BEST be described...; Question 676: Ann wants to send a file to Joe using PKI. Which of the foll...; Question 677: Which of the following types of application attacks would be...; Question 678: A security technician is attempting to access a wireless net...; Question 679: Which of the following BEST explains the use of an HSM withi...; Question 680: A security analyst, Ann, is reviewing an IRC channel and not...; Question 681: Which of the following application attacks is used against a...; Question 682: The system administrator has been notified that many users a...; Question 683: A security administrator implements access controls based on...; Question 684: Which of the following is an application security coding pro...; Question 685: If Organization A trusts Organization B and Organization B t...; Question 686: Several employees clicked on a link in a malicious message t...; Question 687: A security technician has been tasked with opening ports on ...; Question 688: Pete, a security auditor, has detected clear text passwords ...; Question 689: A network security engineer notices unusual traffic on the n...; Question 690: An information bank has been established to store contacts, ...; Question 691: An auditor's report discovered several accounts with no acti...; Question 692: A vulnerability assessment indicates that a router can be ac...; Question 693: A company is concerned that a compromised certificate may re...; Question 694: Joe a company's new security specialist is assigned a role t...; Question 695: An incident occurred when an outside attacker was able to ga...; Question 696: After a user performed a war driving attack, the network adm...; Question 697: Ann an employee is visiting Joe, an employee in the Human Re...; Question 698: A security administrator has concerns regarding employees sa...; Question 699: A security Operations Center was scanning a subnet for infec...; Question 700: Which of the following is characterized by an attack against...; Question 701: A new network administrator is setting up a new file server ...; Question 702: Ann, an employee, is cleaning out her desk and disposes of p...; Question 703: Which of the following should Matt, a security administrator...; Question 704: An attacker used an undocumented and unknown application exp...; Question 705: A small company has a website that provides online customer ...; Question 706: Which of the following will allow Pete, a security analyst, ...; Question 707: A new client application developer wants to ensure that the ...; Question 708: Which of the following should an administrator implement to ...; Question 709: Which of the following is where an unauthorized device is fo...; Question 710: Failure to validate the size of a variable before writing it...; Question 711: Which device monitors network traffic in a passive manner?...; Question 712: A user has several random browser windows opening on their c...; Question 713: Which of the following tools will allow a technician to dete...; Question 714: When considering a vendor-specific vulnerability in critical...; Question 715: In which of the following scenarios is PKI LEAST hardened?...; Question 716: Which of the following would a security administrator use to...; Question 717: The database server used by the payroll system crashed at 3 ...; Question 718: Which of the following is an example of multifactor authenti...; Question 719: Which of the following devices will help prevent a laptop fr...; Question 720: Which of the following technical controls helps to prevent S...; Question 721: Which of the following malware types typically allows an att...; Question 722: Based on information leaked to industry websites, business m...; Question 723: The IT department noticed that there was a significant decre...; Question 724: A certificate used on an e-commerce web server is about to e...; Question 725: One of the most basic ways to protect the confidentiality of...; Question 726: Several departments in a corporation have a critical need fo...; Question 727: Several users' computers are no longer responding normally a...; Question 728: A security administrator must implement a secure key exchang...; Question 729: Several bins are located throughout a building for secure di...; Question 730: A company has purchased an application that integrates into ...; Question 731: Which of the following controls should critical application ...; Question 732: A software developer utilizes cryptographic functions to gen...; Question 733: During a server audit, a security administrator does not not...; Question 734: Which of the following technical controls helps to prevent S...; Question 735: Which of the following authentication services uses a ticket...; Question 736: Disabling unnecessary services, restricting administrative a...; Question 737: A technician has implemented a system in which all workstati...; Question 738: Which of the following would a security administrator implem...; Question 739: Which of the following can be used to maintain a higher leve...; Question 740: When confidentiality is the primary concern, and a secure ch...; Question 741: When Ann an employee returns to work and logs into her works...; Question 742: After viewing wireless traffic, an attacker notices the foll...; Question 743: A hacker has discovered a simple way to disrupt business for...; Question 744: A computer supply company is located in a building with thre...; Question 745: Which of the following is a security advantage of using NoSQ...; Question 746: A company is looking to improve their security posture by ad...; Question 747: Which of the following authenticate connections using point-...; Question 748: The Chief Information Officer (CIO) has asked a security ana...; Question 749: Jane, a security administrator, has observed repeated attemp...; Question 750: An internal audit has detected that a number of archived tap...; Question 751: Which of the following attacks would cause all mobile device...; Question 752: Which of the following algorithms has well documented collis...; Question 753: Which of the following protocols provides transport security...; Question 754: Which of the following provides additional encryption streng...; Question 755: A user casually browsing the Internet is redirected to a war...; Question 756: In regard to secure coding practices, why is input validatio...; Question 757: A victim is logged onto a popular home router forum site in ...; Question 758: Which of the following cryptographic related browser setting...; Question 759: A company with a US-based sales force has requested that the...; Question 760: Sara, the Chief Information Officer (CIO), has requested an ...; Question 761: Which of the following BEST describes a protective counterme...; Question 762: Which of the following is a hardware based encryption device...; Question 763: Ann, the security administrator, received a report from the ...; Question 764: Which of the following types of cryptography should be used ...; Question 765: A company's Chief Information Officer realizes the company c...; Question 766: Which of the following is BEST used to capture and analyze n...; Question 767: Ann, a newly hired human resource employee, sent out confide...; Question 768: Which of the following presents the STRONGEST access control...; Question 769: Four weeks ago, a network administrator applied a new IDS an...; Question 770: A trojan was recently discovered on a server. There are now ...; Question 771: Which of the following relies on the use of shared secrets t...; Question 772: Which of the following protocols provides for mutual authent...; Question 773: The BEST methods for a web developer to prevent the website ...; Question 774: Which of the following can be performed when an element of t...; Question 775: A network administrator noticed various chain messages have ...; Question 776: A security administrator notices large amounts of traffic wi...; Question 777: A new application needs to be deployed on a virtual server. ...; Question 778: The act of magnetically erasing all of the data on a disk is...; Question 779: Jane, a security analyst, is reviewing logs from hosts acros...; Question 780: Which of the following application security principles invol...; Question 781: Users at a company report that a popular news website keeps ...; Question 782: A user, Ann, is reporting to the company IT support group th...; Question 783: Which of the following BEST describes the type of attack tha...; Question 784: Which of the following identifies certificates that have bee...; Question 785: At the outside break area, an employee, Ann, asked another e...; Question 786: Which of the following protocols uses TCP instead of UDP and...; Question 787: Which of the following can hide confidential or malicious da...; Question 788: After a recent breach, the security administrator performs a...; Question 789: A recently installed application update caused a vital appli...; Question 790: Which of the following is the best practice for error and ex...; Question 791: Speaking a passphrase into a voice print analyzer is an exam...; Question 792: Joe, a network security engineer, has visibility to network ...; Question 793: An employee connects a wireless access point to the only jac...; Question 794: Full disk encryption is MOST effective against the following...; Question 795: Which of the following types of technologies is used by secu...; Question 796: Which of the following can be used on a smartphone to BEST p...; Question 797: A network administrator is responsible for securing applicat...; Question 798: Ann, the system administrator, is installing an extremely cr...; Question 799: An employee in the accounting department recently received a...; Question 800: A system security analyst wants to capture data flowing in a...

Question 15/800

LEAVE A REPLY

Download PDF File