SY0-401 Exam Dumps | Which of the following BEST describes a protective countermeasure for SQL injection?

<< Prev Question Next Question >>

Question 761/800

Which of the following BEST describes a protective countermeasure for SQL injection?

A. Eliminating cross-site scripting vulnerabilities

B. Installing an IDS to monitor network traffic

C. Validating user input in web applications

D. Placing a firewall between the Internet and database servers

Question List (800q): Question 1: Which of the following is a requirement when implementing PK...; Question 2: A new security policy being implemented requires all email w...; Question 3: A user attempts to install new and relatively unknown softwa...; Question 4: After working on his doctoral dissertation for two years, Jo...; Question 5: Jane, a VPN administrator, was asked to implement an encrypt...; Question 6: Which of the following BEST describes a SQL Injection attack...; Question 7: The security manager must store a copy of a sensitive docume...; Question 8: Using a protocol analyzer, a security consultant was able to...; Question 9: A user attempting to log on to a workstation for the first t...; Question 10: Which of the following encompasses application patch managem...; Question 11: Which of the following is considered a risk management BEST ...; Question 12: A network administrator noticed various chain messages have ...; Question 13: In Kerberos, the Ticket Granting Ticket (TGT) is used for th...; Question 14: Jane has recently implemented a new network design at her or...; Question 15: A security administrator develops a web page and limits inpu...; Question 16: A security technician received notification of a remotely ex...; Question 17: A Human Resources user is issued a virtual desktop typically...; Question 18: A security administrator wants to test the reliability of an...; Question 19: A company is starting to allow employees to use their own pe...; Question 20: Users in the HR department were recently informed that they ...; Question 21: Which of the following is a control that allows a mobile app...; Question 22: A security administrator wants to check user password comple...; Question 23: A malicious individual used an unattended customer service k...; Question 24: Which of the following will help prevent smurf attacks?...; Question 25: Employee badges are encoded with a private encryption key an...; Question 26: An administrator notices an unusual spike in network traffic...; Question 27: Identifying residual is MOST important to which of the follo...; Question 28: Which of the following can only be mitigated through the use...; Question 29: Which of the following components MUST be trusted by all par...; Question 30: It has been discovered that students are using kiosk tablets...; Question 31: Which of the following is the BEST way to prevent Cross-Site...; Question 32: An administrator is investigating a system that may potentia...; Question 33: A company would like to take electronic orders from a partne...; Question 34: Joe, a company's network engineer, is concerned that protoco...; Question 35: Which of the following is an important step in the initial s...; Question 36: A database administrator would like to start encrypting data...; Question 37: A computer is suspected of being compromised by malware. The...; Question 38: Which of the following BEST describes part of the PKI proces...; Question 39: While an Internet café a malicious user is causing all surro...; Question 40: Which of the following would provide the STRONGEST encryptio...; Question 41: One of the findings of risk assessment is that many of the s...; Question 42: Vendors typically ship software applications with security s...; Question 43: A small company has recently purchased cell phones for manag...; Question 44: Which of the following should be enabled in a laptop's BIOS ...; Question 45: Users require access to a certain server depending on their ...; Question 46: Joe has read and write access to his own home directory. Joe...; Question 47: Matt, an IT administrator, wants to protect a newly built se...; Question 48: Which of the following is the BEST practice when dealing wit...; Question 49: Which of the following tools would allow Ann, the security a...; Question 50: A security administrator at a company which implements key e...; Question 51: Which of the following can BEST help prevent cross-site scri...; Question 52: When an order was submitted via the corporate website, an ad...; Question 53: A network administrator has a separate user account with rig...; Question 54: One of the senior managers at a company called the help desk...; Question 55: After a security incident involving a physical asset, which ...; Question 56: Which of the following solutions provides the most flexibili...; Question 57: Company XYZ has encountered an increased amount of buffer ov...; Question 58: A company executive's laptop was compromised, leading to a s...; Question 59: Which of the following would be used to identify the securit...; Question 60: Which of the following techniques describes the use of appli...; Question 61: Which of the following is used to certify intermediate autho...; Question 62: HOTSPOT Select the appropriate attack from each drop down li...; Question 63: Which of the following would an attacker use to generate and...; Question 64: Prior to leaving for an extended vacation, Joe uses his mobi...; Question 65: Which of the following devices is BEST suited for servers th...; Question 66: The security administrator is observing unusual network beha...; Question 67: Which of the following attacks impact the availability of a ...; Question 68: Which of the following is the MOST likely cause of users bei...; Question 69: During a security assessment, an administrator wishes to see...; Question 70: Which of the following access controls enforces permissions ...; Question 71: Ann a network administrator has been tasked with strengtheni...; Question 72: During a routine audit a web server is flagged for allowing ...; Question 73: The security administrator is analyzing a user's history fil...; Question 74: Which of the following would a security administrator implem...; Question 75: Mike, a security professional, is tasked with actively verif...; Question 76: Which of the following is an example of a false positive?...; Question 77: Ann, a security administrator, is strengthening the security...; Question 78: Which of the following is the difference between identificat...; Question 79: Which of the following provides dedicated hardware-based cry...; Question 80: The string: ' or 1=1-- - Which of the following represents i...; Question 81: Which of the following steps of incident response does a tea...; Question 82: Data execution prevention is a feature in most operating sys...; Question 83: The system administrator is tasked with changing the adminis...; Question 84: On a train, an individual is watching a proprietary video on...; Question 85: Which of the following attacks could be used to initiate a s...; Question 86: A recent audit has discovered that at the time of password e...; Question 87: An administrator notices that former temporary employees' ac...; Question 88: After analyzing and correlating activity from multiple senso...; Question 89: Which of the following represents a cryptographic solution w...; Question 90: Vendors typically ship software applications with security s...; Question 91: Ann a security technician receives a report from a user that...; Question 92: The librarian wants to secure the public Internet kiosk PCs ...; Question 93: An attacker attempted to compromise a web form by inserting ...; Question 94: Certificates are used for: (Choose two.)...; Question 95: Allowing unauthorized removable devices to connect to comput...; Question 96: Establishing a method to erase or clear cluster tips is an e...; Question 97: An administrator is instructed to disable IP-directed broadc...; Question 98: Which of the following describes how Sara, an attacker, can ...; Question 99: A software development company wants to implement a digital ...; Question 100: The access control list (ACL) for a file on a server is as f...; Question 101: An encrypted message is sent using PKI from Sara, a client, ...; Question 102: Users report that they are unable to access network printing...; Question 103: The ore-sales engineering team needs to quickly provide accu...; Question 104: Joe is the accounts payable agent for ABC Company. Joe has b...; Question 105: Company XYZ recently salvaged company laptops and removed al...; Question 106: Which of the following authentication services combines auth...; Question 107: Which of the following types of security controls are visibl...; Question 108: Which of the following MUST be updated immediately when an e...; Question 109: An employee needs to connect to a server using a secure prot...; Question 110: Which of the following would be MOST appropriate if an organ...; Question 111: Sara, a security administrator, manually hashes all network ...; Question 112: A security administrator has concerns that employees are ins...; Question 113: A company is about to release a very large patch to its cust...; Question 114: A company has been attacked and their website has been alter...; Question 115: Some customers have reported receiving an untrusted certific...; Question 116: Maintenance workers find an active network switch hidden abo...; Question 117: A company hosts its public websites internally. The administ...; Question 118: During a disaster recovery planning session, a security admi...; Question 119: Which of the following is a hardware-based security technolo...; Question 120: A security assurance officer is preparing a plan to measure ...; Question 121: Public key certificates and keys that are compromised or wer...; Question 122: A large corporation has data centers geographically distribu...; Question 123: Which of the following types of security services are used t...; Question 124: The security manager reports that the process of revoking ce...; Question 125: Which of the following should be done before resetting a use...; Question 126: Which of the following means a password history value of thr...; Question 127: Users are utilizing thumb drives to connect to USB ports on ...; Question 128: In order to use a two-way trust model the security administr...; Question 129: Sara, a user, downloads a keygen to install pirated software...; Question 130: During an anonymous penetration test, Jane, a system adminis...; Question 131: Which of the following was launched against a company based ...; Question 132: A system administrator is notified by a staff member that th...; Question 133: A company's password and authentication policies prohibit th...; Question 134: Which of the following offers the LEAST secure encryption ca...; Question 135: Which of the following was based on a previous X.500 specifi...; Question 136: Which of the following controls can be implemented together ...; Question 137: Which of the following will allow Pete, a security analyst, ...; Question 138: Company employees are required to have workstation client ce...; Question 139: Digital signatures are used for ensuring which of the follow...; Question 140: After a company has standardized to a single operating syste...; Question 141: Which of the following authentication services should be rep...; Question 142: Which of the following malware types may require user intera...; Question 143: A security technician at a small business is worried about t...; Question 144: After visiting a website, a user receives an email thanking ...; Question 145: Two programmers write a new secure application for the human...; Question 146: An administrator finds that non-production servers are being...; Question 147: The Chief Security Officer (CSO) for a datacenter in a hosti...; Question 148: Which of the following network devices is used to analyze tr...; Question 149: Which of the following incident response plan steps would MO...; Question 150: A large multinational corporation with networks in 30 countr...; Question 151: During the information gathering stage of a deploying role-b...; Question 152: Ann, the security administrator, wishes to implement multifa...; Question 153: The marketing department wants to distribute pens with embed...; Question 154: A small company has recently purchased cell phones for manag...; Question 155: Which of the following attacks involves the use of previousl...; Question 156: A system administrator has noticed network performance issue...; Question 157: How must user accounts for exiting employees be handled?...; Question 158: A company needs to receive data that contains personally ide...; Question 159: Human Resources suspects an employee is accessing the employ...; Question 160: A network technician is configuring clients for VLAN access....; Question 161: What is a system that is intended or designed to be broken i...; Question 162: Several employee accounts appear to have been cracked by an ...; Question 163: Sara, a hacker, is completing a website form to request a fr...; Question 164: The security department has implemented a new laptop encrypt...; Question 165: An administrator is concerned that a company's web server ha...; Question 166: A company needs to provide web-based access to shared data s...; Question 167: A periodic update that corrects problems in one version of a...; Question 168: A company wants to prevent end users from plugging unapprove...; Question 169: Highly sensitive data is stored in a database and is accesse...; Question 170: Ann, the software security engineer, works for a major softw...; Question 171: In order to enter a high-security datacenter, users are requ...; Question 172: A systems administrator has implemented PKI on a classified ...; Question 173: An administrator has a network subnet dedicated to a group o...; Question 174: After Ann, a user, logs into her banking websites she has ac...; Question 175: An SSL/TLS private key is installed on a corporate web proxy...; Question 176: Which of the following assessment techniques would a securit...; Question 177: Jane, a security administrator, has been tasked with explain...; Question 178: Which of the following is mainly used for remote access into...; Question 179: In order to maintain oversight of a third party service prov...; Question 180: Which of the following is an important implementation consid...; Question 181: A new virtual server was created for the marketing departmen...; Question 182: A large bank has moved back office operations offshore to an...; Question 183: A security administrator suspects that an employee in the IT...; Question 184: Suspicious traffic without a specific signature was detected...; Question 185: Which of the following is true about PKI? (Choose two.)...; Question 186: DRAG DROP A security administrator is given the security and...; Question 187: A network administrator is configuring access control for th...; Question 188: Internet banking customers currently use an account number a...; Question 189: Physical documents must be incinerated after a set retention...; Question 190: The finance department just procured a software application ...; Question 191: Which of the following is the BEST technology for the sender...; Question 192: A company has purchased an application that integrates into ...; Question 193: A recently installed application update caused a vital appli...; Question 194: Which of the following could cause a browser to display the ...; Question 195: An administrator needs to submit a new CSR to a CA. Which of...; Question 196: RC4 is a strong encryption protocol that is generally used w...; Question 197: Which of the following can be used on a smartphone to BEST p...; Question 198: Which of the following tests a number of security controls i...; Question 199: Joe, a web developer, wants to make sure his application is ...; Question 200: Matt, a security consultant, has been tasked with increasing...; Question 201: The IT department has setup a website with a series of quest...; Question 202: A technician wants to implement a dual factor authentication...; Question 203: A resent OS patch caused an extended outage. It took the IT ...; Question 204: Jane, an individual, has recently been calling various finan...; Question 205: An organization has a need for security control that identif...; Question 206: A Chief Information Security Officer (CISO) wants to impleme...; Question 207: A security administrator is auditing a database server to en...; Question 208: A security administrator wants to block unauthorized access ...; Question 209: Which of the following MOST interferes with network-based de...; Question 210: Company A submitted a bid on a contract to do work for Compa...; Question 211: A new security analyst is given the task of determining whet...; Question 212: Which of the following access methods uses radio frequency w...; Question 213: A CA is compromised and attacks start distributing malicious...; Question 214: Which of the following is characterized by an attacker attem...; Question 215: Which of the following types of logs could provide clues tha...; Question 216: Which of the following is an indication of an ongoing curren...; Question 217: An administrator needs to renew a certificate for a web serv...; Question 218: A company needs to receive data that contains personally ide...; Question 219: After encrypting all laptop hard drives, an executive office...; Question 220: A company hired Joe, an accountant. The IT administrator wil...; Question 221: A video surveillance audit recently uncovered that an employ...; Question 222: While working on a new project a security administrator want...; Question 223: A security administrator must implement a network that is im...; Question 224: A user has forgotten their account password. Which of the fo...; Question 225: A corporation has experienced several media leaks of proprie...; Question 226: Each server on a subnet is configured to only allow SSH acce...; Question 227: Which of the following is an important step in the initial s...; Question 228: Without validating user input, an application becomes vulner...; Question 229: Which of the following is the BEST method for ensuring all f...; Question 230: Which of the following is the BEST way to prevent Cross-Site...; Question 231: Mike, a user, states that he is receiving several unwanted e...; Question 232: The security consultant is assigned to test a client's new s...; Question 233: An internal auditing team would like to strengthen the passw...; Question 234: Which of the following can be implemented in hardware or sof...; Question 235: An administrator uses a server with a trusted OS and is conf...; Question 236: Use of group accounts should be minimized to ensure the foll...; Question 237: Which of the following can be used to mitigate risk if a mob...; Question 238: A hospital IT department wanted to secure its doctor's table...; Question 239: Which of the following types of wireless attacks would be us...; Question 240: Which of the following allows a company to maintain access t...; Question 241: Ann has taken over as the new head of the IT department. One...; Question 242: When employees that use certificates leave the company they ...; Question 243: Which of the following would MOST likely involve GPS?...; Question 244: A security administrator wants to deploy security controls t...; Question 245: The chief Risk officer is concerned about the new employee B...; Question 246: A company hires outside security experts to evaluate the sec...; Question 247: Identifying a list of all approved software on a system is a...; Question 248: Joe needs to track employees who log into a confidential dat...; Question 249: A security administrator needs a locally stored record to re...; Question 250: One of the servers on the network stops responding due to la...; Question 251: A security administrator must implement a system to allow cl...; Question 252: A company requires that all users enroll in the corporate PK...; Question 253: A security administrator must implement a wireless encryptio...; Question 254: Which of the following techniques can be used to prevent the...; Question 255: An email client says a digital signature is invalid and the ...; Question 256: A CRL is comprised of.; Question 257: A software development company has hired a programmer to dev...; Question 258: Which of the following provides Digital Signatures?...; Question 259: Which of the following security benefits would be gained by ...; Question 260: A security specialist has been asked to evaluate a corporate...; Question 261: A security administrator is reviewing the below output from ...; Question 262: An administrator has successfully implemented SSL on srv4.co...; Question 263: Which of the following protocols is the security administrat...; Question 264: Which of the following is used to verify data integrity?...; Question 265: Joe, a user, wants to protect sensitive information stored o...; Question 266: Which of the following is described as an attack against an ...; Question 267: Which of the following is the practice of marking open wirel...; Question 268: Pete, an employee, is terminated from the company and the le...; Question 269: During an audit, the security administrator discovers that t...; Question 270: Which of the following does full disk encryption prevent?...; Question 271: Which of the following MUST Matt, a security administrator, ...; Question 272: A program has been discovered that infects a critical Window...; Question 273: Company A sends a PGP encrypted file to company B. If compan...; Question 274: A team of firewall administrators have access to a `master p...; Question 275: Given the following list of corporate access points, which o...; Question 276: ABC company has a lot of contractors working for them. The p...; Question 277: An administrator has two servers and wants them to communica...; Question 278: A security administrator wants to get a real time look at wh...; Question 279: Which of the following authentication provides users XML for...; Question 280: Which of the following password attacks is MOST likely to cr...; Question 281: A user has plugged in a wireless router from home with defau...; Question 282: Pete, an employee, needs a certificate to encrypt data. Whic...; Question 283: Which of the following is an XML based open standard used in...; Question 284: Which of the following is the below pseudo-code an example o...; Question 285: Matt, a security administrator, wants to ensure that the mes...; Question 286: Ann, a security analyst, is preparing for an upcoming securi...; Question 287: Which of the following explains the difference between a pub...; Question 288: A security administrator has been tasked with setting up a n...; Question 289: The BEST methods for a web developer to prevent the website ...; Question 290: Users can authenticate to a company's web applications using...; Question 291: A security technician is working with the network firewall t...; Question 292: Pete, the system administrator, has concerns regarding users...; Question 293: A user attempts to install a new and relatively unknown soft...; Question 294: A new intern was assigned to the system engineering departme...; Question 295: An IT auditor tests an application as an authenticated user....; Question 296: While opening an email attachment, Pete, a customer, receive...; Question 297: Which of the following MOST interferes with network-based de...; Question 298: A technician is reviewing the logical access control method ...; Question 299: Joe, an employee, was escorted from the company premises due...; Question 300: An insurance company requires an account recovery process so...; Question 301: A security administrator is concerned about the strength of ...; Question 302: An organization has introduced token-based authentication to...; Question 303: Which of the following types of cloud computing would be MOS...; Question 304: A bank has recently deployed mobile tablets to all loan offi...; Question 305: The chief Risk officer is concerned about the new employee B...; Question 306: Which of the following can a security administrator implemen...; Question 307: Which of the following is replayed during wireless authentic...; Question 308: A company's employees were victims of a spear phishing campa...; Question 309: A new web server has been provisioned at a third party hosti...; Question 310: Which of the following are examples of detective controls?...; Question 311: Which of the following software allows a network administrat...; Question 312: Matt, the Chief Information Security Officer (CISO), tells t...; Question 313: Which of the following should be used when a business needs ...; Question 314: One month after a software developer was terminated, the hel...; Question 315: Which of the following are examples of network segmentation?...; Question 316: Which of the following hardware based encryption devices is ...; Question 317: Which of the following provides RADIUS?...; Question 318: Which of the following can be used as an equipment theft det...; Question 319: Methods to test the responses of software and web applicatio...; Question 320: Disabling unnecessary services, restricting administrative a...; Question 321: Which of the following attacks targets high level executives...; Question 322: A recent audit has revealed weaknesses in the process of dep...; Question 323: When designing a corporate NAC solution, which of the follow...; Question 324: A company requires that a user's credentials include providi...; Question 325: Which of the following wireless security measures can an att...; Question 326: A security manager requires fencing around the perimeter, an...; Question 327: Which of the following can be used to maintain a higher leve...; Question 328: Which of the following describes purposefully injecting extr...; Question 329: Which of the following uses both a public and private key?...; Question 330: A way to assure data at-rest is secure even in the event of ...; Question 331: The IT department has set up a share point site to be used o...; Question 332: A password audit has revealed that a significant percentage ...; Question 333: The help desk is experiencing a higher than normal amount of...; Question 334: A user was reissued a smart card after the previous smart ca...; Question 335: The call center supervisor has reported that many employees ...; Question 336: Use of a smart card to authenticate remote servers remains M...; Question 337: After a security incident involving a physical asset, which ...; Question 338: The Quality Assurance team is testing a new third party deve...; Question 339: A computer is suspected of being compromised by malware. The...; Question 340: Which of the following allows an organization to store a sen...; Question 341: Which of the following is synonymous with a server's certifi...; Question 342: A financial company requires a new private network link with...; Question 343: A new MPLS network link has been established between a compa...; Question 344: Pete, the compliance manager, wants to meet regulations. Pet...; Question 345: Which of the following describes a type of malware which is ...; Question 346: Due to hardware limitation, a technician must implement a wi...; Question 347: Which of the following may cause Jane, the security administ...; Question 348: A bank has a fleet of aging payment terminals used by mercha...; Question 349: A network administrator is responsible for securing applicat...; Question 350: SIMULATION A security administrator discovers that an attack...; Question 351: Which of the following is commonly LDAP and Kerberos used fo...; Question 352: The Chief Security Officer (CSO) is contacted by a first res...; Question 353: A new application needs to be deployed on a virtual server. ...; Question 354: A business has set up a Customer Service kiosk within a shop...; Question 355: Access mechanisms to data on encrypted USB hard drives must ...; Question 356: A company's security administrator wants to manage PKI for i...; Question 357: Matt, an administrator, is concerned about the wireless netw...; Question 358: While setting up a secure wireless corporate network, which ...; Question 359: The security administrator installed a newly generated SSL c...; Question 360: Joe, a user, reports to the system administrator that he is ...; Question 361: Which of the following is a measure of biometrics performanc...; Question 362: Which of the following is a common coding error in which bou...; Question 363: A group policy requires users in an organization to use stro...; Question 364: Which of the following devices will help prevent a laptop fr...; Question 365: A user commuting to work via public transport received an of...; Question 366: Ann, a software developer, has installed some code to reacti...; Question 367: How often, at a MINIMUM, should Sara, an administrator, revi...; Question 368: Sara, an attacker, is recording a person typing in their ID ...; Question 369: Pete, the security administrator, has been notified by the I...; Question 370: Which of the following allows lower level domains to access ...; Question 371: Which of the following can use RC4 for encryption? (Choose t...; Question 372: Which of the following provides a user ID and password toget...; Question 373: Which of the following is true about an email that was signe...; Question 374: A network administrator has identified port 21 being open an...; Question 375: A security administrator looking through IDS logs notices th...; Question 376: A security administrator wants to ensure that the message th...; Question 377: A company wants to ensure that all aspects if data are prote...; Question 378: Which of the following is a vulnerability associated with di...; Question 379: Verifying the integrity of data submitted to a computer prog...; Question 380: Attempting to inject 50 alphanumeric key strokes including s...; Question 381: Which of the following is built into the hardware of most la...; Question 382: Using a heuristic system to detect an anomaly in a computer'...; Question 383: A security administrator is aware that a portion of the comp...; Question 384: Which of the following would prevent a user from installing ...; Question 385: A technician wants to verify the authenticity of the system ...; Question 386: Which of the following can be implemented with multiple bit ...; Question 387: Which of the following types of authentication packages user...; Question 388: A security technician has been asked to recommend an authent...; Question 389: Which of the following would Jane, an administrator, use to ...; Question 390: An administrator wants to ensure that the reclaimed space of...; Question 391: A system security analyst using an enterprise monitoring too...; Question 392: A security administrator is designing an access control syst...; Question 393: An administrator has advised against the use of Bluetooth ph...; Question 394: Which of the following types of attacks is based on coordina...; Question 395: Ann, the Chief Technology Officer (CTO), has agreed to allow...; Question 396: A network administrator is looking for a way to automaticall...; Question 397: The librarian wants to secure the public Internet kiosk PCs ...; Question 398: An attacker crafts a message that appears to be from a trust...; Question 399: Which of the following, if properly implemented, would preve...; Question 400: An administrator finds that non-production servers are being...; Question 401: A company recently experienced data loss when a server crash...; Question 402: A user has several random browser windows opening on their c...; Question 403: During a penetration test from the Internet, Jane, the syste...; Question 404: Timestamps and sequence numbers act as countermeasures again...; Question 405: A security administrator must implement all requirements in ...; Question 406: Which of the following is a notification that an unusual con...; Question 407: A system administrator has noticed vulnerability on a high i...; Question 408: A company is about to release a very large patch to its cust...; Question 409: Which of the following is BEST utilized to identify common m...; Question 410: A recent spike in virus detections has been attributed to en...; Question 411: Which of the following types of encryption will help in prot...; Question 412: A security technician is attempting to improve the overall s...; Question 413: Which of the following is a vulnerability associated with di...; Question 414: Which of the following types of data encryption would Matt, ...; Question 415: A security analyst performs the following activities: monito...; Question 416: The recovery agent is used to recover the:...; Question 417: Which of the following would a security administrator implem...; Question 418: Joe analyzed the following log and determined the security t...; Question 419: Which of the following is the term for a fix for a known sof...; Question 420: A program displays: ERROR: this program has caught an except...; Question 421: A computer is found to be infected with malware and a techni...; Question 422: An IT security technician is actively involved in identifyin...; Question 423: Which of the following allows a network administrator to imp...; Question 424: A server administrator notes that a fully patched applicatio...; Question 425: Which of the following would be a reason for developers to u...; Question 426: An administrator is building a development environment and r...; Question 427: Which of the following types of application attacks would be...; Question 428: Pete, the compliance manager, wants to meet regulations. Pet...; Question 429: A Company has recently identified critical systems that supp...; Question 430: Which of the following is true about the CRL?...; Question 431: A user has unknowingly gone to a fraudulent site. The securi...; Question 432: Two organizations want to share sensitive data with one anot...; Question 433: The company's sales team plans to work late to provide the C...; Question 434: The IT department has installed new wireless access points b...; Question 435: Joe, an application developer, is building an external facin...; Question 436: A security administrator is investigating a recent server br...; Question 437: To ensure compatibility with their flagship product, the sec...; Question 438: A company wants to ensure that all credentials for various s...; Question 439: Which of the following describes the process of removing unn...; Question 440: A security manager installed a standalone fingerprint reader...; Question 441: A new mobile banking application is being developed and uses...; Question 442: Which of the following should a security technician implemen...; Question 443: Pete, a security analyst, has been tasked with explaining th...; Question 444: The software developer is responsible for writing the code a...; Question 445: Purchasing receives an automated phone call from a bank aski...; Question 446: Full disk encryption is MOST effective against the following...; Question 447: An organization is required to log all user internet activit...; Question 448: Which of the following types of attacks involves interceptio...; Question 449: Ann, a security analyst, has discovered that her company has...; Question 450: Which of the following BEST describes the type of attack tha...; Question 451: In order to enter a high-security data center, users are req...; Question 452: A process in which the functionality of an application is te...; Question 453: Which of the following can a security administrator implemen...; Question 454: A security administrator has installed a new KDC for the cor...; Question 455: An investigator recently discovered that an attacker placed ...; Question 456: Joe must send Ann a message and provide Ann with assurance t...; Question 457: An organization processes credit card transactions and is co...; Question 458: Matt, a forensic analyst, wants to obtain the digital finger...; Question 459: Which of the following data security techniques will allow M...; Question 460: The security administrator runs an rpm verify command which ...; Question 461: Which of the following technologies was developed to allow c...; Question 462: Which of the following provides the HIGHEST level of confide...; Question 463: Users have been reporting that their wireless access point i...; Question 464: The fundamental information security principals include conf...; Question 465: The information security technician wants to ensure security...; Question 466: Sara, an application developer, implemented error and except...; Question 467: Which of the following is an attack designed to activate bas...; Question 468: A security administrator has implemented a policy to prevent...; Question 469: A malicious individual is attempting to write too much data ...; Question 470: Which of the following can Joe, a security administrator, im...; Question 471: Although a vulnerability scan report shows no vulnerabilitie...; Question 472: Joe, a user, in a coffee shop is checking his email over a w...; Question 473: A user reports being unable to access a file on a network sh...; Question 474: Users report that after downloading several applications, th...; Question 475: An agent wants to create fast and efficient cryptographic ke...; Question 476: The finance department works with a bank which has recently ...; Question 477: Which of the following can be used to ensure digital certifi...; Question 478: Which of the following must be kept secret for a public key ...; Question 479: Ann, a security administrator, wishes to replace their RADIU...; Question 480: A server administrator notes that a legacy application often...; Question 481: Which of the following is a way to implement a technical con...; Question 482: Which of the following is a penetration testing method?...; Question 483: A merchant acquirer has the need to store credit card number...; Question 484: The process of making certain that an entity (operating syst...; Question 485: A security administrator has been tasked to ensure access to...; Question 486: Which of the following protocols is vulnerable to man-in-the...; Question 487: A computer security officer has investigated a possible data...; Question 488: A security administrator discovers an image file that has se...; Question 489: Which of the following services are used to support authenti...; Question 490: DRAG DROP Determine the types of attacks below by selecting ...; Question 491: A company has just deployed a centralized event log storage ...; Question 492: Users are trying to communicate with a network but are unabl...; Question 493: The public key is used to perform the following: (Choose thr...; Question 494: When reviewing a digital certificate for accuracy, which of ...; Question 495: Which of the following is an authentication method that can ...; Question 496: In an environment where availability is critical such as Ind...; Question 497: Which of the following tools would a security administrator ...; Question 498: Ann, the network administrator, has learned from the helpdes...; Question 499: Which of the following security concepts identifies input va...; Question 500: Which of the following authentication protocols makes use of...; Question 501: A security administrator wants to deploy security controls t...; Question 502: An administrator is assigned to monitor servers in a data ce...; Question 503: Which of the following can be used as an equipment theft det...; Question 504: Which of the following practices is used to mitigate a known...; Question 505: Which of the following can be used by a security administrat...; Question 506: A company has recently allowed employees to take advantage o...; Question 507: Identifying a list of all approved software on a system is a...; Question 508: Which of the following is replayed during wireless authentic...; Question 509: Which of the following is true about input validation in a c...; Question 510: Which of the following is public keys used for?...; Question 511: Which statement is TRUE about the operation of a packet snif...; Question 512: Which of the following ciphers would be BEST used to encrypt...; Question 513: The information security technician wants to ensure security...; Question 514: A way to assure data at-rest is secure even in the event of ...; Question 515: A security administrator is notified that users attached to ...; Question 516: Which of the following controls mitigates the risk of Matt, ...; Question 517: A system administrator is setting up a file transfer server....; Question 518: The security team would like to gather intelligence about th...; Question 519: Joe, an employee is taking a taxi through a busy city and st...; Question 520: Which of the following password attacks involves attempting ...; Question 521: Which of the following protocols encapsulates an IP packet w...; Question 522: Matt, a security analyst, needs to select an asymmetric encr...; Question 523: A security administrator forgets their card to access the se...; Question 524: Which of the following application attacks is used to gain a...; Question 525: A system administrator is configuring shared secrets on serv...; Question 526: A system administrator needs to ensure that certain departme...; Question 527: In order for Sara, a client, to logon to her desktop compute...; Question 528: After Matt, a user, enters his username and password at the ...; Question 529: Which of the following does full disk encryption prevent?...; Question 530: Which of the following authentication methods can use the SC...; Question 531: Each server on a subnet is configured to only allow SSH acce...; Question 532: Purchasing receives a phone call from a vendor asking for a ...; Question 533: Which of the following would be used when a higher level of ...; Question 534: A security manager must remain aware of the security posture...; Question 535: The Chief Information Officer (CIO) receives an anonymous th...; Question 536: A network administrator identifies sensitive files being tra...; Question 537: Which of the following wireless protocols could be vulnerabl...; Question 538: A system administrator wants to confidentially send a user n...; Question 539: Which of the following types of trust models is used by a PK...; Question 540: In PKI, a key pair consists of: (Choose two.)...; Question 541: Which of the following types of authentication solutions use...; Question 542: Recent data loss on financial servers due to security breach...; Question 543: The call center supervisor has reported that many employees ...; Question 544: Which of the following techniques describes the use of appli...; Question 545: Sara, a security manager, has decided to force expiration of...; Question 546: A security administrator examines a network session to a com...; Question 547: Which of the following is MOST critical in protecting contro...; Question 548: Which of the following is the best practice to put at the en...; Question 549: Joe, an administrator, installs a web server on the Internet...; Question 550: A network inventory discovery application requires non-privi...; Question 551: Which of the following would Matt, a security administrator,...; Question 552: A system administrator is using a packet sniffer to troubles...; Question 553: A security administrator wants to implement a solution which...; Question 554: Which of the following must a user implement if they want to...; Question 555: Which of the following would BEST deter an attacker trying t...; Question 556: Which of the following encompasses application patch managem...; Question 557: An organization must implement controls to protect the confi...; Question 558: Which of the following provides the strongest authentication...; Question 559: A small company wants to employ PKI. The company wants a cos...; Question 560: Pete, the system administrator, has concerns regarding users...; Question 561: The Chief Executive Officer (CEO) receives a suspicious voic...; Question 562: Various employees have lost valuable customer data due to ha...; Question 563: Which of the following would be used as a secure substitute ...; Question 564: Which of the following has a storage root key?...; Question 565: Which of the following describes the process of removing unn...; Question 566: A system administrator has made several unauthorized changes...; Question 567: A network administrator uses an RFID card to enter the datac...; Question 568: Sara, a security engineer, is testing encryption ciphers for...; Question 569: Which of the following practices is used to mitigate a known...; Question 570: A cafe provides laptops for Internet access to their custome...; Question 571: Which of the following is a concern when encrypting wireless...; Question 572: A software firm posts patches and updates to a publicly acce...; Question 573: Which of the following implementation steps would be appropr...; Question 574: Which of the following is an authentication and accounting s...; Question 575: Which of the following BEST allows Pete, a security administ...; Question 576: A security administrator needs to determine which system a p...; Question 577: Which of the following would a security administrator implem...; Question 578: The system administrator notices that many employees are usi...; Question 579: Which of the following would prevent a user from installing ...; Question 580: Which of the following BEST explains Platform as a Service?...; Question 581: Which of the following controls would allow a company to red...; Question 582: All executive officers have changed their monitor location s...; Question 583: HOTSPOT For each of the given items, select the appropriate ...; Question 584: Which of the following is used by the recipient of a digital...; Question 585: An administrator is building a development environment and r...; Question 586: Which of the following design components is used to isolate ...; Question 587: Ann is traveling for business and is attempting to use the h...; Question 588: Which of the following BEST describes using a smart card and...; Question 589: Using proximity card readers instead of the traditional key ...; Question 590: Which of the following BEST represents the goal of a vulnera...; Question 591: Pete, a developer, writes an application. Jane, the security...; Question 592: A network engineer is configuring a VPN tunnel connecting a ...; Question 593: A quality assurance analyst is reviewing a new software prod...; Question 594: A system administrator has noticed that users change their p...; Question 595: A system administrator is configuring UNIX accounts to authe...; Question 596: An administrator was asked to review user accounts. Which of...; Question 597: Which of the following are restricted to 64-bit block sizes?...; Question 598: Which of the following should Matt, a security administrator...; Question 599: Which of the following is an authentication service that use...; Question 600: If Organization A trusts Organization B and Organization B t...; Question 601: During a recent investigation, an auditor discovered that an...; Question 602: Matt, a developer, recently attended a workshop on a new app...; Question 603: Jane, an IT security technician, needs to create a way to se...; Question 604: Which of the following attacks allows access to contact list...; Question 605: Joe, a technician, is tasked with finding a way to test oper...; Question 606: A database administrator receives a call on an outside telep...; Question 607: Which of the following file systems is from Microsoft and wa...; Question 608: The system administrator is reviewing the following logs fro...; Question 609: Fuzzing is a security assessment technique that allows teste...; Question 610: Joe, the system administrator, is setting up a wireless netw...; Question 611: Deploying a wildcard certificate is one strategy to:...; Question 612: After an audit, it was discovered that an account was not di...; Question 613: Allowing unauthorized removable devices to connect to comput...; Question 614: A server with the IP address of 10.10.2.4 has been having in...; Question 615: A technician wants to secure communication to the corporate ...; Question 616: Users are encouraged to click on a link in an email to obtai...; Question 617: Which of the following helps to establish an accurate timeli...; Question 618: The Chief Technology Officer (CTO) wants to improve security...; Question 619: Which of the following devices would be the MOST efficient w...; Question 620: Which of the following is an advantage of implementing indiv...; Question 621: Which of the following malware types is MOST likely to execu...; Question 622: An auditing team has found that passwords do not meet the be...; Question 623: Which of the following actions in PKI takes a certificate au...; Question 624: Which of the following passwords is the LEAST complex?...; Question 625: An application developer has tested some of the known exploi...; Question 626: An employee's mobile device associates with the company's gu...; Question 627: Ann works at a small company and she is concerned that there...; Question 628: Which of the following protocols is used to validate whether...; Question 629: Prior to leaving for an extended vacation, Joe uses his mobi...; Question 630: A security analyst discovered data such as images and word d...; Question 631: When using PGP, which of the following should the end user p...; Question 632: Joe, the information security manager, is tasked with calcul...; Question 633: The Chief Information Security Officer (CISO) is concerned t...; Question 634: A security administrator wants to perform routine tests on t...; Question 635: An administrator has concerns regarding the company's server...; Question 636: Which of the following documents outlines the technical and ...; Question 637: After visiting a website, a user receives an email thanking ...; Question 638: When creating a public / private key pair, for which of the ...; Question 639: Which of the following can be implemented if a security admi...; Question 640: A security engineer is asked by the company's development te...; Question 641: To protect corporate data on removable media, a security pol...; Question 642: Which of the following devices is used for the transparent s...; Question 643: Jane, an IT security technician, needs to create a way to se...; Question 644: Which of the following solutions provides the most flexibili...; Question 645: Which of the following should a company implement to BEST mi...; Question 646: A systems engineer has been presented with storage performan...; Question 647: Pete, the security engineer, would like to prevent wireless ...; Question 648: Which of the following controls can be implemented together ...; Question 649: A periodic update that corrects problems in one version of a...; Question 650: Which of the following common access control models is commo...; Question 651: The system administrator wishes to implement a hardware-base...; Question 652: Which of the following can be performed when an element of t...; Question 653: Which of the following application security testing techniqu...; Question 654: A bank has recently deployed mobile tablets to all loan offi...; Question 655: Which of the following authentication services requires the ...; Question 656: One of the most consistently reported software security vuln...; Question 657: A set of standardized system images with a pre-defined set o...; Question 658: An IT security technician needs to establish host based secu...; Question 659: An administrator has to determine host operating systems on ...; Question 660: Which of the following symmetric key algorithms are examples...; Question 661: A technician has implemented a system in which all workstati...; Question 662: The process of making certain that an entity (operating syst...; Question 663: Which of the following is BEST utilized to actively test sec...; Question 664: An administrator discovers that many users have used their s...; Question 665: Which of the following cryptographic algorithms is MOST ofte...; Question 666: Joe, a user, wants to send an encrypted email to Ann. Which ...; Question 667: Pete's corporation has outsourced help desk services to a la...; Question 668: Which of the following documents outlines the responsibility...; Question 669: Which of the following is the MOST intrusive type of testing...; Question 670: Several users report to the administrator that they are havi...; Question 671: Which of the following security architecture elements also h...; Question 672: Jane, a security administrator, needs to implement a secure ...; Question 673: An IT security technician needs to establish host based secu...; Question 674: A network analyst received a number of reports that imperson...; Question 675: A distributed denial of service attack can BEST be described...; Question 676: Ann wants to send a file to Joe using PKI. Which of the foll...; Question 677: Which of the following types of application attacks would be...; Question 678: A security technician is attempting to access a wireless net...; Question 679: Which of the following BEST explains the use of an HSM withi...; Question 680: A security analyst, Ann, is reviewing an IRC channel and not...; Question 681: Which of the following application attacks is used against a...; Question 682: The system administrator has been notified that many users a...; Question 683: A security administrator implements access controls based on...; Question 684: Which of the following is an application security coding pro...; Question 685: If Organization A trusts Organization B and Organization B t...; Question 686: Several employees clicked on a link in a malicious message t...; Question 687: A security technician has been tasked with opening ports on ...; Question 688: Pete, a security auditor, has detected clear text passwords ...; Question 689: A network security engineer notices unusual traffic on the n...; Question 690: An information bank has been established to store contacts, ...; Question 691: An auditor's report discovered several accounts with no acti...; Question 692: A vulnerability assessment indicates that a router can be ac...; Question 693: A company is concerned that a compromised certificate may re...; Question 694: Joe a company's new security specialist is assigned a role t...; Question 695: An incident occurred when an outside attacker was able to ga...; Question 696: After a user performed a war driving attack, the network adm...; Question 697: Ann an employee is visiting Joe, an employee in the Human Re...; Question 698: A security administrator has concerns regarding employees sa...; Question 699: A security Operations Center was scanning a subnet for infec...; Question 700: Which of the following is characterized by an attack against...; Question 701: A new network administrator is setting up a new file server ...; Question 702: Ann, an employee, is cleaning out her desk and disposes of p...; Question 703: Which of the following should Matt, a security administrator...; Question 704: An attacker used an undocumented and unknown application exp...; Question 705: A small company has a website that provides online customer ...; Question 706: Which of the following will allow Pete, a security analyst, ...; Question 707: A new client application developer wants to ensure that the ...; Question 708: Which of the following should an administrator implement to ...; Question 709: Which of the following is where an unauthorized device is fo...; Question 710: Failure to validate the size of a variable before writing it...; Question 711: Which device monitors network traffic in a passive manner?...; Question 712: A user has several random browser windows opening on their c...; Question 713: Which of the following tools will allow a technician to dete...; Question 714: When considering a vendor-specific vulnerability in critical...; Question 715: In which of the following scenarios is PKI LEAST hardened?...; Question 716: Which of the following would a security administrator use to...; Question 717: The database server used by the payroll system crashed at 3 ...; Question 718: Which of the following is an example of multifactor authenti...; Question 719: Which of the following devices will help prevent a laptop fr...; Question 720: Which of the following technical controls helps to prevent S...; Question 721: Which of the following malware types typically allows an att...; Question 722: Based on information leaked to industry websites, business m...; Question 723: The IT department noticed that there was a significant decre...; Question 724: A certificate used on an e-commerce web server is about to e...; Question 725: One of the most basic ways to protect the confidentiality of...; Question 726: Several departments in a corporation have a critical need fo...; Question 727: Several users' computers are no longer responding normally a...; Question 728: A security administrator must implement a secure key exchang...; Question 729: Several bins are located throughout a building for secure di...; Question 730: A company has purchased an application that integrates into ...; Question 731: Which of the following controls should critical application ...; Question 732: A software developer utilizes cryptographic functions to gen...; Question 733: During a server audit, a security administrator does not not...; Question 734: Which of the following technical controls helps to prevent S...; Question 735: Which of the following authentication services uses a ticket...; Question 736: Disabling unnecessary services, restricting administrative a...; Question 737: A technician has implemented a system in which all workstati...; Question 738: Which of the following would a security administrator implem...; Question 739: Which of the following can be used to maintain a higher leve...; Question 740: When confidentiality is the primary concern, and a secure ch...; Question 741: When Ann an employee returns to work and logs into her works...; Question 742: After viewing wireless traffic, an attacker notices the foll...; Question 743: A hacker has discovered a simple way to disrupt business for...; Question 744: A computer supply company is located in a building with thre...; Question 745: Which of the following is a security advantage of using NoSQ...; Question 746: A company is looking to improve their security posture by ad...; Question 747: Which of the following authenticate connections using point-...; Question 748: The Chief Information Officer (CIO) has asked a security ana...; Question 749: Jane, a security administrator, has observed repeated attemp...; Question 750: An internal audit has detected that a number of archived tap...; Question 751: Which of the following attacks would cause all mobile device...; Question 752: Which of the following algorithms has well documented collis...; Question 753: Which of the following protocols provides transport security...; Question 754: Which of the following provides additional encryption streng...; Question 755: A user casually browsing the Internet is redirected to a war...; Question 756: In regard to secure coding practices, why is input validatio...; Question 757: A victim is logged onto a popular home router forum site in ...; Question 758: Which of the following cryptographic related browser setting...; Question 759: A company with a US-based sales force has requested that the...; Question 760: Sara, the Chief Information Officer (CIO), has requested an ...; Question 761: Which of the following BEST describes a protective counterme...; Question 762: Which of the following is a hardware based encryption device...; Question 763: Ann, the security administrator, received a report from the ...; Question 764: Which of the following types of cryptography should be used ...; Question 765: A company's Chief Information Officer realizes the company c...; Question 766: Which of the following is BEST used to capture and analyze n...; Question 767: Ann, a newly hired human resource employee, sent out confide...; Question 768: Which of the following presents the STRONGEST access control...; Question 769: Four weeks ago, a network administrator applied a new IDS an...; Question 770: A trojan was recently discovered on a server. There are now ...; Question 771: Which of the following relies on the use of shared secrets t...; Question 772: Which of the following protocols provides for mutual authent...; Question 773: The BEST methods for a web developer to prevent the website ...; Question 774: Which of the following can be performed when an element of t...; Question 775: A network administrator noticed various chain messages have ...; Question 776: A security administrator notices large amounts of traffic wi...; Question 777: A new application needs to be deployed on a virtual server. ...; Question 778: The act of magnetically erasing all of the data on a disk is...; Question 779: Jane, a security analyst, is reviewing logs from hosts acros...; Question 780: Which of the following application security principles invol...; Question 781: Users at a company report that a popular news website keeps ...; Question 782: A user, Ann, is reporting to the company IT support group th...; Question 783: Which of the following BEST describes the type of attack tha...; Question 784: Which of the following identifies certificates that have bee...; Question 785: At the outside break area, an employee, Ann, asked another e...; Question 786: Which of the following protocols uses TCP instead of UDP and...; Question 787: Which of the following can hide confidential or malicious da...; Question 788: After a recent breach, the security administrator performs a...; Question 789: A recently installed application update caused a vital appli...; Question 790: Which of the following is the best practice for error and ex...; Question 791: Speaking a passphrase into a voice print analyzer is an exam...; Question 792: Joe, a network security engineer, has visibility to network ...; Question 793: An employee connects a wireless access point to the only jac...; Question 794: Full disk encryption is MOST effective against the following...; Question 795: Which of the following types of technologies is used by secu...; Question 796: Which of the following can be used on a smartphone to BEST p...; Question 797: A network administrator is responsible for securing applicat...; Question 798: Ann, the system administrator, is installing an extremely cr...; Question 799: An employee in the accounting department recently received a...; Question 800: A system security analyst wants to capture data flowing in a...

Question 761/800

LEAVE A REPLY

Download PDF File