100% de satisfacción garantizada Inmediatamente disponible después del pago Tanto en línea como en PDF No estas atado a nada
logo-home
Buscado previamente por ti
Buscado previamente por ti
logo
WGU C836/D430 FUNDAMENTALS OF INFORMATION SECURITY EXAM 2024 $19.89
Añadir al carrito
Navegar rápidamente a
Vista previa
  2.  
  3. WGU C836/D430 FUNDAMENTALS OF INFORMATION SECURITY
  4.  
  5. WGU C836/D430 FUNDAMENTALS OF INFORMATION SECURITY

Examen

WGU C836/D430 FUNDAMENTALS OF INFORMATION SECURITY EXAM 2024
 0 veces vendidas
  • Grado
  • WGU C836/D430 FUNDAMENTALS OF INFORMATION SECURITY
  • Institución
  • WGU C836/D430 FUNDAMENTALS OF INFORMATION SECURITY

WGU C836/D430 FUNDAMENTALS OF INFORMATION SECURITY EXAM 2024 WGU C836/D430 FUNDAMENTALS OF INFORMATION SECURITY EXAM 2024 WGU C836/D430 FUNDAMENTALS OF INFORMATION SECURITY EXAM 2024

Vista previa 4 fuera de 32  páginas

Información del documento

  • 23 de octubre de 2024
  • 32
  • 2024/2025
  • Examen
  • Preguntas y respuestas

Temas

  • wgu c836d430 fundamentals
  • wgu c836d430
  • information security
  • wgu c836d430 fundamentals of information security
  • fundamentals of information security

Escuela, estudio y materia

  • WGU C836/D430 FUNDAMENTALS OF INFORMATION SECURITY
  • WGU C836/D430 FUNDAMENTALS OF INFORMATION SECURITY

Vendedor

avatar-seller
kimsamuel

Vista previa del contenido

WGU C836/D430 FUNDAMENTALS OF
INFORMATION SECURITY EXAM 2024
bounds checking - ANSWER...to set a limit on the amount of data we expect to
receive to set aside storage for that data
*required in most programming languages
* prevents buffer overflows


race conditions - ANSWER...A type of software development vulnerability that
occurs when multiple processes or multiple threads within a process control or
share access to a particular resource, and the correct handling of that resource
depends on the proper ordering or timing of transactions


input validation - ANSWER...a type of attack that can occur when we fail to
validate the input to our applications or take steps to filter out unexpected or
undesirable content


format string attack - ANSWER...a type of input validation attacks in which certain
print functions within a programming language can be used to manipulate or view
the internal memory of an application


authentication attack - ANSWER...A type of attack that can occur when we fail to
use strong authentication mechanisms for our applications


authorization attack - ANSWER...A type of attack that can occur when we fail to
use authorization best practices for our applications


cryptographic attack - ANSWER...A type of attack that can occur when we fail to
properly design our security mechanisms when implementing cryptographic
controls in our applications

, WGU C836/D430 FUNDAMENTALS OF
INFORMATION SECURITY EXAM 2024
client-side attack - ANSWER...A type of attack that takes advantage of weaknesses
in the software loaded on client machines or one that uses social engineering
techniques to trick us into going along with the attack


XSS (Cross Site Scripting) - ANSWER...an attack carried out by placing code in
the form of a scripting language into a web page or other media that is interpreted
by a client browser


XSRF (cross-site request forgery) - ANSWER...an attack in which the attacker
places a link on a web page in such a way that it will be automatically executed to
initiate a particular activity on another web page or application where the user is
currently authenticated


SQL Injection Attack - ANSWER...Attacks against a web site that take advantage
of vulnerabilities in poorly coded SQL (a standard and common database software
application) applications in order to introduce malicious program code into a
company's systems and networks.


clickjacking - ANSWER...An attack that takes advantage of the graphical display
capabilities of our browser to trick us into clicking on something we might not
otherwise


server-side attack - ANSWER...A type of attack on the web server that can target
vulnerabilities such as lack of input validation, improper or inadequate
permissions, or extraneous files left on the server from the development process


Protocol issues, unauthenticated access, arbitrary code execution, and privilege
escalation - ANSWER...Name the 4 main categories of database security issues

, WGU C836/D430 FUNDAMENTALS OF
INFORMATION SECURITY EXAM 2024
web application analysis tool - ANSWER...A type of tool that analyzes web pages
or web-based applications and searches for common flaws such as XSS or SQL
injection flaws, and improperly set permissions, extraneous files, outdated software
versions, and many more such items


protocol issues - ANSWER...unauthenticated flaws in network protocols,
authenticated flaws in network protocols, flaws in authentication protocols


arbitrary code execution - ANSWER...An attack that exploits an applications
vulnerability into allowing the attacker to execute commands on a user's computer.
* arbitrary code execution in intrinsic or securable SQL elements


Privilege Escalation - ANSWER...An attack that exploits a vulnerability in
software to gain access to resources that the user normally would be restricted from
accessing.
* via SQL injection or local issues


validating user inputs - ANSWER...a security best practice for all software
* the most effective way of mitigating SQL injection attacks


Nikto (and Wikto) - ANSWER...A web server analysis tool that performs checks
for many common server-side vulnerabilities & creates an index of all the files and
directories it can see on the target web server (a process known as spidering)


burp suite - ANSWER...A well-known GUI web analysis tool that offers a free and
professional version; the pro version includes advanced tools for conducting more
in-depth attacks

, WGU C836/D430 FUNDAMENTALS OF
INFORMATION SECURITY EXAM 2024

fuzzer - ANSWER...A type of tool that works by bombarding our applications with
all manner of data and inputs from a wide variety of sources, in the hope that we
can cause the application to fail or to perform in unexpected ways


MiniFuzz File Fuzzer - ANSWER...A tool developed by Microsoft to find flaws in
file-handling source code


BinScope Binary Analyzer - ANSWER...A tool developed by Microsoft to examine
source code for general good practices


SDL Regex Fuzzer - ANSWER...A tool developed by Microsoft for testing certain
pattern-matching expressions for potential vulnerabilities


good sources of secure coding guidelines - ANSWER...CERT, NIST 800, BSI, an
organization's internal coding guidelines


OS hardening - ANSWER...the process of reducing the number of available
avenues through which our OS might be attacked


attack surface - ANSWER...The total of the areas through which our operating
system might be attacked


6 main hardening categories - ANSWER...1. Removing unnecessary software
2. Removing or turning off unessential services
3. Making alterations to common accounts

Los beneficios de comprar resúmenes en Stuvia estan en línea:

Garantiza la calidad de los comentarios

Garantiza la calidad de los comentarios

Compradores de Stuvia evaluaron más de 700.000 resúmenes. Así estas seguro que compras los mejores documentos!

Compra fácil y rápido

Compra fácil y rápido

Puedes pagar rápidamente y en una vez con iDeal, tarjeta de crédito o con tu crédito de Stuvia. Sin tener que hacerte miembro.

Enfócate en lo más importante

Enfócate en lo más importante

Tus compañeros escriben los resúmenes. Por eso tienes la seguridad que tienes un resumen actual y confiable. Así llegas a la conclusión rapidamente!

Preguntas frecuentes

What do I get when I buy this document?

You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.

100% de satisfacción garantizada: ¿Cómo funciona?

Nuestra garantía de satisfacción le asegura que siempre encontrará un documento de estudio a tu medida. Tu rellenas un formulario y nuestro equipo de atención al cliente se encarga del resto.

Who am I buying this summary from?

Stuvia is a marketplace, so you are not buying this document from us, but from seller kimsamuel. Stuvia facilitates payment to the seller.

Will I be stuck with a subscription?

No, you only buy this summary for $19.89. You're not tied to anything after your purchase.

Can Stuvia be trusted?

4.6 stars on Google & Trustpilot (+1000 reviews)

45,681 summaries were sold in the last 30 days

Founded in 2010, the go-to place to buy summaries for 15 years now

Empieza a vender

Vistos recientemente

Examen ·

(0)

Regis NU650 Module 1 Exam Questions With All Correct Answers

Examen ·

(0)

MACROECONOMICS (CHAPTER 7) QUESTIONS WITH CORRECT ANSWERS 2025

Examen ·

(0)

FINC 371 Final Exam (New Material) Questions & Answers 100% Correct!!

Examen ·

(0)

Fire Officer Chapter 3 Question and answers rated A+ 2023/2024

$19.89
  • (0)
Añadir al carrito
Añadido