Q4. select id, firstname, lastname from authors User input= firstname= Hack;man lastname=Johnson

Which of the following types of attacks is the user attempting?

A. XML injection

B. Command injection

C. Cross-site scripting

D. SQL injection

View Answer

Q5. The security administrator finds unauthorized tables and records, which were not present before, on a Linux database server. The database server communicates only with one web server, which connects to the database server via an account with SELECT only privileges. Web server logs show the following:

90.76.165.40 u2013 - [08/Mar/2014:10:54:04] u201cGET calendar.php?create%20table%20hidden HTTP/1.1u201d 200 5724

90.76.165.40 u2013 - [08/Mar/2014:10:54:05] u201cGET ../../../root/.bash_history HTTP/1.1u201d 200

5724

90.76.165.40 u2013 - [08/Mar/2014:10:54:04] u201cGET index.php?user=<script>Create</script> HTTP/1.1u201d 200 5724

The security administrator also inspects the following file system locations on the database server using the command u2021ls -al /rootu2021

drwxrwxrwx 11 root root 4096 Sep 28 22:45 .

drwxr-xr-x 25 root root 4096 Mar 8 09:30 ..

-rws------ 25 root root 4096 Mar 8 09:30 .bash_history

-rw------- 25 root root 4096 Mar 8 09:30 .bash_history

-rw------- 25 root root 4096 Mar 8 09:30 .profile

-rw------- 25 root root 4096 Mar 8 09:30 .ssh

Which of the following attacks was used to compromise the database server and what can the security administrator implement to detect such attacks in the future? (Select TWO).

A. Privilege escalation

B. Brute force attack

C. SQL injection

D. Cross-site scripting

E. Using input validation, ensure the following characters are sanitized. <>

F. Update crontab with: find / ( -perm -4000 ) u2013type f u2013print0 | xargs -0 ls u2013l | email.sh

G. Implement the following PHP directive: $clean_user_input = addslashes($user_input)

H. Set an account lockout policy

View Answer

Q6. The helpdesk department desires to roll out a remote support application for internal use on all company computers. This tool should allow remote desktop sharing, system log gathering, chat, hardware logging, inventory management, and remote registry access. The risk management team has been asked to review vendor responses to the RFQ. Which of the following questions is the MOST important?

A. What are the protections against MITM?

B. What accountability is built into the remote support application?

C. What encryption standards are used in tracking database?

D. What snapshot or u201cundou201d features are present in the application?

E. What encryption standards are used in remote desktop and file transfer functionality?

View Answer

Q7. The manager of the firewall team is getting complaints from various IT teams that firewall changes are causing issues. Which of the following should the manager recommend to BEST address these issues?

A. Set up a weekly review for relevant teams to discuss upcoming changes likely to have a broad impact.

B. Update the change request form so that requesting teams can provide additional details about the requested changes.

C. Require every new firewall rule go through a secondary firewall administrator for review before pushing the firewall policy.

D. Require the firewall team to verify the change with the requesting team before pushing the updated firewall policy.

View Answer

Q8. A system administrator needs to meet the maximum amount of security goals for a new DNS infrastructure. The administrator deploys DNSSEC extensions to the domain names and infrastructure. Which of the following security goals does this meet? (Select TWO).

A. Availability

B. Authentication

C. Integrity

D. Confidentiality

E. Encryption

View Answer

Q9. Ann, a Physical Security Manager, is ready to replace all 50 analog surveillance cameras with IP cameras with built-in web management. Ann has several security guard desks on different networks that must be able to view the cameras without unauthorized people viewing the video as well. The selected IP camera vendor does not have the ability to authenticate users at the camera level. Which of the following should Ann suggest to BEST secure this environment?

A. Create an IP camera network and deploy NIPS to prevent unauthorized access.

B. Create an IP camera network and only allow SSL access to the cameras.

C. Create an IP camera network and deploy a proxy to authenticate users prior to accessing the cameras.

D. Create an IP camera network and restrict access to cameras from a single management host.

View Answer

Q10. A security administrator was recently hired in a start-up company to represent the interest of security and to assist the network team in improving security in the company. The sales team is continuously contacting the security administrator to answer security questions posed by potential customers/clients. Which of the following is the BEST strategy to minimize the frequency of these requests?

A. Request the major stakeholder hire a security liaison to assist the sales team with security-related questions.

B. Train the sales team about basic security, and make them aware of the security policies and procedures of the company.

C. The job description of the security administrator is to assist the sales team; thus the process should not be changed.

D. Compile a list of the questions, develop an FAQ on the website, and train the sales team about basic security concepts.

View Answer

Q11. Part of the procedure for decommissioning a database server is to wipe all local disks, as well as SAN LUNs allocated to the server, even though the SAN itself is not being decommissioned. Which of the following is the reason for wiping the SAN LUNs?

A. LUN masking will prevent the next server from accessing the LUNs.

B. The data may be replicated to other sites that are not as secure.

C. Data remnants remain on the LUN that could be read by other servers.

D. The data is not encrypted during transport.

View Answer

Q12. The Chief Information Security Officer (CISO) is asking for ways to protect against zero-day exploits. The CISO is concerned that an unrecognized threat could compromise corporate data and result in regulatory fines as well as poor corporate publicity. The network is mostly flat, with split staff/guest wireless functionality. Which of the following equipment MUST be deployed to guard against unknown threats?

A. Cloud-based antivirus solution, running as local admin, with push technology for definition updates.

B. Implementation of an offsite data center hosting all company data, as well as deployment of VDI for all client computing needs.

C. Host based heuristic IPS, segregated on a management VLAN, with direct control of the perimeter firewall ACLs.

D. Behavior based IPS with a communication link to a cloud based vulnerability and threat feed.

View Answer

Q13. A company has migrated its data and application hosting to a cloud service provider (CSP).

To meet its future needs, the company considers an IdP. Why might the company want to select an IdP that is separate from its CSP? (Select TWO).

A. A circle of trust can be formed with all domains authorized to delegate trust to an IdP

B. Identity verification can occur outside the circle of trust if specified or delegated

C. Replication of data occurs between the CSP and IdP before a verification occurs

D. Greater security can be provided if the circle of trust is formed within multiple CSP domains

E. Faster connections can occur between the CSP and IdP without the use of SAML

View Answer