100% satisfaction guarantee Immediately available after payment Both online and in PDF No strings attached
Previously searched by you
CERTIFIED COMPLIANCE AND ETHICS EXAM YEAR 2024/2025 / ACCURATE CURRENTLY TESTING EXAM VERSIONS WITH ACTUAL QUESTIONS AND DETAILED ANSWERS WITH A STUDY GUIDE / EXPERT VERIFIED FOR GURANTEED PASS/ LATEST UPDATE.$24.49
Add to cart
Certified Compliance And Ethics Professional Certification
Certified Compliance and Ethics Professional Certification
Exam (elaborations)
CERTIFIED COMPLIANCE AND ETHICS EXAM YEAR 2024/2025 / ACCURATE CURRENTLY TESTING EXAM VERSIONS WITH ACTUAL QUESTIONS AND DETAILED ANSWERS WITH A STUDY GUIDE / EXPERT VERIFIED FOR GURANTEED PASS/ LATEST UPDATE.
9 views 0 purchase
Course
Certified Compliance and Ethics Professional Certification
Institution
Certified Compliance And Ethics Professional Certification
CERTIFIED COMPLIANCE AND ETHICS EXAM YEAR
2024/2025 / ACCURATE CURRENTLY TESTING EXAM
VERSIONS WITH ACTUAL QUESTIONS AND DETAILED
ANSWERS WITH A STUDY GUIDE / EXPERT VERIFIED FOR
GURANTEED PASS/ LATEST UPDATE.
CERTIFIED COMPLIANCE AND ETHICS EXAM YEAR
2024/2025 / ACCURATE CURRENTLY TESTING EXAM
VERSIONS WITH ACTUAL QUESTIONS AND DETAILED
ANSWERS WITH A STUDY GUIDE / EXPERT VERIFIED FOR
GURANTEED PASS/ LATEST UPDATE.
6. What filter in Ethereal will you use to view Hotmail messages?
A. (http contains "e-mail") && (http contains "hotmail")
B. (http contains "hotmail") && (http contains "Reply-To")
C. (http = "login.passport.com") && (http contains "SMTP")
D. (http = "login.passport.com") && (http contains "POP3") - CORRECT ANSWER B
7. Who are the primary victims of SMURF attacks on the Internet?
A. IRC servers
B. IDS devices
C. Mail servers
D. SPAM filters - CORRECT ANSWER A
8. What type of attacks target DNS servers directly?
A. DNS forward lookup attacks
B. DNS cache poisoning attacks
C. DNS reverse connection attacks
D. DNS reflector and amplification attack - CORRECT ANSWER D
9. TCP/IP session hijacking is carried out in which OSI layer?
A. Transport layer
B. Datalink layer
C. Network layer
,D. Physical layer - CORRECT ANSWER A
10. What is the term used in serving different types of web pages based on the user's IP
address?
A. Mirroring website
B. Website filtering
C. IP access blockade
D. Website cloaking - CORRECT ANSWER D
11. True or False: Data is sent over the network as cleartext (unencrypted) when Basic
Authentication is configured on web servers.
A. True
B. False - CORRECT ANSWER A
12. What is the countermeasure against XSS scripting?
A. Create an IP access list and restrict connections based on port number.
B. Replace < and > characters with < and > using server scripts.
C. Disable JavaScript in Internet Explorer and Firefox browsers.
D. Connect to the server using HTTPS protocol instead of HTTP. - CORRECT ANSWER B
13. How would you prevent a user from connecting to the corporate network via their home
computer and attempting to use a VPN to gain access to the corporate LAN?
A. Enforce Machine Authentication and disable VPN access to all your employee accounts
from any machine other than corporate-issued PCs.
B. Allow VPN access but replace the standard authentication with biometric authentication.
C. Replace the VPN access with dial-up modem access to the company's network.
D. Enable 25-character complex password policy for employees to access the VPN network. -
CORRECT ANSWER A
,14. How would you compromise a system that relies on cookie-based security?
A. Inject the cookie ID into the web URL and connect back to the server.
B. Brute-force the encryption used by the cookie and replay it back to the server.
C. Intercept the communication between the client and the server and change the cookie
to make the server believe that there is a user with higher privileges.
D. Delete the cookie, reestablish connection to the server, and access higher-level privileges. -
CORRECT ANSWER C
15. Windows is dangerously insecure when unpacked from the box; which of the following
must you do before you use it? (Choose all that apply.)
A. Make sure a new installation of Windows is patched by installing the latest service
packs.
B. Install the latest security patches for applications such as Adobe Acrobat, Macromedia
Flash, Java, and WinZip.
C. Install a personal firewall and lock down unused ports from connecting to your
computer.
D. Install the latest signatures for antivirus software.
E. Create a non-admin user with a complex password and log onto this account.
F. You can start using your computer since the vendor, such as Dell, Hewlett-Packard,
and IBM, already has installed the latest service packs. - CORRECT ANSWER A,B,C,D
16. Which of these is a patch management and security utility?
A. MBSA
B. BSSA
C. ASNB
D. PMUS - CORRECT ANSWER A
17. How do you secure a GET method in web page posts?
A. Encrypt the data before you send using the GET method.
, B. Never include sensitive information in a script.
C. Use HTTPS SSLv3 to send the data instead of plain HTTPS.
D. Replace GET with the POST method when sending data. - CORRECT ANSWER D
18. What are two types of buffer overflow?
A. Stack-based buffer overflow
B. Active buffer overflow
C. Dynamic buffer overflow
D. Heap-based buffer overflow - CORRECT ANSWER A,D
19. How does a polymorphic shellcode work?
A. It reverses the working instructions into opposite order by masking the IDS signatures.
B. It converts the shellcode into Unicode, uses a loader to convert back to machine code,
and then executes the shellcode.
C. It encrypts the shellcode by XORing values over the shellcode, using loader code to
decrypt the shellcode, and then executing the decrypted shellcode.
D. It compresses the shellcode into normal instructions, uncompresses the shellcode using
loader code, and then executes the shellcode. - CORRECT ANSWER C
20. Where are passwords kept in Linux?
A. /etc/shadow
B. /etc/passwd
C. /bin/password
D. /bin/shadow - CORRECT ANSWER A
21. What of the following is an IDS defeating technique?
A. IP routing or packet dropping
B. IP fragmentation or session splicing
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller DrMedinaReed. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $24.49. You're not tied to anything after your purchase.