E-commerce Final UPDATED Exam Questions and CORRECT Answers
4 views 0 purchase
Course
E-commerce
Institution
E-commerce
E-commerce Final UPDATED Exam
Questions and CORRECT Answers
The strategy used in a planned attack usually consists of developing attack plans, identifying
security holes and gaps, and __________. - Correct Answer- attempting to escalate privilege
A planned attack performed during a Web site a...
E-commerce Final UPDATED Exam
Questions and CORRECT Answers
The strategy used in a planned attack usually consists of developing attack plans, identifying
security holes and gaps, and __________. - Correct Answer- attempting to escalate privilege
A planned attack performed during a Web site assessment is called: - Correct Answer-
Penetration testing
Which utility identifies the operating system running on hardware systems that support a Web
server, application, and database components? - Correct Answer- Nmap
The following are best practices for writing the executive summary of a Web site security
assessment report EXCEPT: - Correct Answer- Do include IP addresses as reported by the
assessment scans
When identifying components of a single-server Web site environment to test in a security
assessment, you typically need to identify the Web server application, Web server front end,
Web server operating system, and _____________. - Correct Answer- Web site forms
Which of the following is typically the last step in performing a Web site security
assessment? - Correct Answer- Reporting
Nessus is a popular tool used primarily for _____________. - Correct Answer- vulnerability
scanning
Which section of a vulnerability and security assessment report is designed for management
and highlights the most critical points throughout the report? - Correct Answer- Executive
Summary
An e-commerce Web site that processes credit cards must comply with: - Correct Answer-
PIC DSS
You are a security professional who is performing an enumeration and assessment of Web
server operating systems. You run a "Quick" Nmap scan and discover the IP addresses
, associated with open ports 80 and 443. What is your next step? - Correct Answer- Run a
vulnerability scan against the IP addresses
When a Web site vulnerability assessment is completed, the report typically contains a
Common Vulnerabilities and Exposures (CVE) for each vulnerability. What does this
represent? - Correct Answer- The number that uniquely identifies it across various security
vendors and applications
Network Mapper (Nmap) would be a good tool choice to use for: - Correct Answer- Port
scanning
What is the first step when performing a Web site security assessment? - Correct Answer-
Identify the components that make up the Web site
What is the best description of a live Internet Protocol (IP) address? - Correct Answer- One
that is un use
Which phase of a web security assessment involves conducting fingerprinting to help identify
the components of the web site platform? - Correct Answer- Enumeration
Inserting unexpected data into a web site's database query is commonly referred to as_____. -
Correct Answer- SQL Injection
When performing an SQL injection attack, data is usually placed in form fields or in_______.
- Correct Answer- the URL
Web sites typically consist of Web server software, a hardware server and operating system, a
software application and ___________. - Correct Answer- a database server
When a web site vulnerability assessment is completed, the report typically contains a
Common Vulnerabilities and Exposures (CVE) for each vulnerability. What does this
represent? - Correct Answer- The number that uniquely identifies it across various security
vendors and applications
Which of the following is a best practice for performing a security assessment? - Correct
Answer- Using multiple tools for the same function
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller MGRADES. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $8.99. You're not tied to anything after your purchase.