Valid 312-85 Dumps shared by EduDump.com for Helping Passing 312-85 Exam! EduDump.com now offer the newest 312-85 exam dumps, the EduDump.com 312-85 exam questions have been updated and answers have been corrected get the newest EduDump.com 312-85 dumps with Test Engine here:
Bob is a threat intelligence analyst in Global Technologies Inc. While extracting threat intelligence, he identified that the organization is vulnerable to various application threats that can be exploited by attackers. Which of the following are the possible application threats that have been identified by Bob?
Correct Answer: A
The question specifies that the vulnerabilities are application threats. SQL injection and buffer overflow are both classic examples of application-layer attacks that target flaws in code and software design. * SQL Injection: Exploits improper input validation in database queries, allowing attackers to execute malicious SQL statements. * Buffer Overflow: Occurs when a program writes more data into a buffer than it can handle, leading to memory corruption and potential remote code execution. Why the Other Options Are Incorrect: * B. Man-in-the-middle and physical security attack: MITM is a network attack, and physical attacks are not application-based. * C. DNS and ARP poisoning: These are network-level attacks, not application-level. * D. Footprinting and spoofing: Both are reconnaissance or identity-deception techniques, not application-layer threats. Conclusion: Bob identified application threats, namely SQL Injection and Buffer Overflow attacks. Final Answer: A. SQL injection and buffer overflow attack Explanation Reference (Based on CTIA Study Concepts): CTIA categorizes SQL injection and buffer overflow as application-level vulnerabilities exploited through improper input handling and insecure coding.
