One reason why an organization would consider a distributed application is:
Some components are easier to operate
Distributed applications have a simpler architecture than other types of applications
Some application components are owned and operated by other organizations
Distributed applications are easier to secure
All of the following are advantages of using self-signed SSL certificates EXCEPT:
Server authentication
Lower cost
Easier to create
More difficult to crack
The best defense against a NOP sled attack is:
Firewall
Anti-virus
The strcpy() function
Input boundary checking
The instructions contained with an object are known as its: A)
Class
Firmware
Code
Method
The purpose for putting a “canary” value in the stack is:
To detect a dictionary attack
To detect a stack smashing attack
To detect parameter tampering
To detect script injection
“Safe languages” and “safe libraries” are so-called because:
They automatically detect some forms of input attacks
They automatically detect parameter tampering
They automatically detect script injection
They automatically detect malware attacks
The following are characteristics of a computer virus EXCEPT:
Polymorphic
Downloadable
Self propagating
Embedded in spam
Rootkits can be difficult to detect because:
They are encrypted
They are polymorphic
They reside in ROM instead of the hard drive
They use techniques to hide themselves
An attack on a DNS server to implant forged “A” records is characteristic of a:
Pharming attack
Phishing attack
Whaling attack
Spim attack
The purpose of digitally signing a Browser Helper Object (BHO) is:
To prove its origin
To prove hhat it is not malicious
To prove that it can be trusted
To prove that it was downloaded properly
An organization wants to prevent SQL and script injection attacks on its Internet web application. The organization should implement a/an:
Intrusion detection system
Application firewall
SSL certificate
A defense in depth strategy for anti-malware is recommended because:
There are many malware attack vectors
Anti-virus software is often troublesome on end user workstations
Malware can hide in SSL transmissions
Users can defeat anti-malware on their workstations
The primary advantage of the use of workstation-based anti-virus is:
Virus signature updates can be performed less often
Virus signature updates can be performed more often
The user can control its configuration
This approach can defend against most, if not all, attack vectors
The primary purpose of a firewall is:
To protect a server from malicious traffic
To block malicious code
To control traffic between networks
To create a DMZ network
The following are valid reasons to reduce the level of privilege for workstation users EXCEPT:
Decreased support costs because users are unable to change system configurations
Eliminates the need for whole disk encryption
Decreased impact from malware
Increased security because users are unable to tamper with security controls
A system administrator needs to harden a server. The most effective approach is:
Install security patches and install a firewall
Remove unneeded services, remove unneeded accounts, and configure a firewall
Remove unneeded services, disable unused ports, and remove unneeded accounts
Install security patches and remove unneeded services
The most effective countermeasures against input attacks are:
Input field filtering, application firewall, application vulnerability scanning, and developer training
Input field filtering, application firewall, and intrusion prevention system
Input field filtering, application firewall, intrusion detection system, and ethical hacking
Application firewall, intrusion detection system, and developer training
The term “object reuse” refers to:
A method used by malware to exploit weaknesses in running processes
The use of residual computing resources for other purposes
The ability to reuse application code
Processes that can discover and use residual data associated with other processes
A security assessment discovered back doors in an application, and the security manager needs to develop a plan for detecting and removing back doors in the future. The most effective countermeasures that should be chosen are:
Application firewalls
Source code control
Outside code reviews
Peer code reviews
The best time to introduce security into an application is:
Implementation
Design
Development
Testing
A user, Bill, has posted a link on a web site that causes unsuspecting users to transfer money to Bill if they click the link. The link will only work for users who happen to be authenticated to the bank that is the target of the link. This is known as:
Cross site request forgery
Cross-site scripting
Broken authentication
Replay attack
What is the most effective countermeasure against script injection attacks?
Stateful inspection firewall
Disallow server side scripting in the end user’s browser configuration
Filter scripting characters in all input fields
Disallow client side scripting in the end user’s browser configuration
A database administrator (DBA) is responsible for carrying out security policy, which includes controlling which users have access to which data. The DBA has been asked to make just certain fields in some database tables visible to some new users. What is the best course of action for the DBA to take?
Implement column-based access controls
Export the table to a data warehouse, including only the fields that the users are permitted to see
Clone the table, including only the fields that the users are permitted to see
Create a view that contains only the fields that the users are permitted to see
The purpose of Data Control Language is:
Define which users are able to view and manipulate data in a database
Define data structures in a relational database
Define data structures in an object-oriented database
Retrieve, insert, delete and update data in a relational database
A list of all of the significant events that occur in an application is known as:
Audit log
Replay log
Export file
Data dump
