100% satisfaction guarantee Immediately available after payment Both online and in PDF No strings attached
logo-home
C725 WGU CISSP Study Guide 8th Edition Quizzes Latest 2022 Complete Solution Rated A $14.99   Add to cart

Exam (elaborations)

C725 WGU CISSP Study Guide 8th Edition Quizzes Latest 2022 Complete Solution Rated A

 11 views  0 purchase
  • Course
  • Institution

C725 WGU CISSP Study Guide 8th Edition Quizzes Latest 2022 Complete Solution Rated A

Preview 3 out of 26  pages

  • June 18, 2022
  • 26
  • 2021/2022
  • Exam (elaborations)
  • Questions & answers
avatar-seller
C725 WGU CISSP Study Guide 8th Edition
Quizzes
Signature Detection

Signature detection mechanisms use known descriptions of viruses to identify malicious
code resident on a system.

Domain 3: Security Architecture and Engineering
3.5 Assess and mitigate the vulnerabilities of security architectures, designs, and solution
elements
Malicious Code - What is the most commonly used technique to protect against virus
attacks?
A Signature detection
B Automated reconstruction
C Data integrity assurance
D Heuristic detection

Backdoor

Back doors are undocumented command sequences that allow individuals with knowledge
of the back door to bypass normal access restrictions.

Domain 3: Security Architecture and Engineering
3.6 Assess and mitigate vulnerabilities in web-based systems
Application Attacks - Ben's system was infected by malicious code that modified the
operating system to allow the malicious code author to gain access to his files. What type of
exploit did this attacker engage in?

A Escalation of privilege
B Back door
C Rootkit
D Buffer overflow

Buffer Overflow

Buffer overflow attacks allow an attacker to modify the contents of a system's memory by
writing beyond the space allocated for a variable.

Domain 3: Security Architecture and Engineering
3.6 Assess and mitigate vulnerabilities in web-based systems
Application Attacks - What type of application vulnerability most directly allows an
attacker to modify the contents of a system's memory?

,A TOC/TOU
B Back door
C Rootkit
D Buffer overflow

Reflected Input

Cross-site scripting attacks are successful only against web applications that include
reflected input.

Domain 8: Software Development Security
8.5 Define and apply secure coding guidelines and standards
Web App Security - What condition is necessary on a web page for it to be used in a cross-
site scripting attack?

A .NET technology
B Database-driven content
C Reflected input
D CGI scripts

Stuxnet

Stuxnet was a highly sophisticated worm designed to destroy nuclear enrichment
centrifuges attached to Siemens controllers.

3.0 Domain 3: Security Architecture and Engineering
3.5 Assess and mitigate the vulnerabilities of security architectures, designs, and solution
elements
Malicious Code - What worm was the first to cause major physical damage to a facility?
A Melissa
B RTM
C Stuxnet
D Code Red

DMZ (demilitarized zone)

The DMZ (demilitarized zone) is designed to house systems like web servers that must be
accessible from both the internal and external networks.

Domain 8: Software Development Security
8.2 Identify and apply security controls in development environments
Web App Security - You are the security administrator for an e-commerce company and are
placing a new web server into production. What network zone should you use?

A Intranet

, B Sandbox
C Internet
D DMZ

fsas3alG

Except option C, the choices are forms of common words that might be found during a
dictionary attack. mike is a name and would be easily detected. elppa is simply apple
spelled backward, and dayorange combines two dictionary words. Crack and other utilities
can easily see through these "sneaky" techniques. Option C is simply a random string of
characters that a dictionary attack would not uncover.

Domain 3: Security Architecture and Engineering
3.6 Assess and mitigate vulnerabilities in web-based systems
Password Attacks - Which one of the following passwords is least likely to be compromised
during a dictionary attack?

A elppa
B dayorange
C fsas3alG
D mike

Salting

Salting passwords adds a random value to the password prior to hashing, making it
impractical to construct a rainbow table of all possible values.

3.0 Domain 3: Security Architecture and Engineering
3.6 Assess and mitigate vulnerabilities in web-based systems
Password Attacks - What technique may be used to limit the effectiveness of rainbow table
attacks?

A Salting
B Hashing
C Transport encryption
D Digital signatures

Port Scan

Port scans reveal the ports associated with services running on a machine and available to
the public.

3.0 Domain 3: Security Architecture and Engineering
3.5 Assess and mitigate the vulnerabilities of security architectures, designs, and solution
elements

The benefits of buying summaries with Stuvia:

Guaranteed quality through customer reviews

Guaranteed quality through customer reviews

Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.

Quick and easy check-out

Quick and easy check-out

You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.

Focus on what matters

Focus on what matters

Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!

Frequently asked questions

What do I get when I buy this document?

You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.

Satisfaction guarantee: how does it work?

Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.

Who am I buying these notes from?

Stuvia is a marketplace, so you are not buying this document from us, but from seller Succeed. Stuvia facilitates payment to the seller.

Will I be stuck with a subscription?

No, you only buy these notes for $14.99. You're not tied to anything after your purchase.

Can Stuvia be trusted?

4.6 stars on Google & Trustpilot (+1000 reviews)

81989 documents were sold in the last 30 days

Founded in 2010, the go-to place to buy study notes for 14 years now

Start selling
$14.99
  • (0)
  Add to cart