Question

Which application testing method tests applications from within using software instrumentation?

1 point

SAST: Static Application Security Testing.

IAST: Interactive Application Security Testing.

PAST: Passive Application Security Testing.

DAST: Dynamic Security Application Testing.

57.

Question 57

Which one of the OWASP Top 10 Application Security Risks would occur when there are no safeguards against a user being allowed to execute HTML or JavaScript in the user's browser that can hijack sessions?

1 point

Insufficient logging and monitoring

Security misconfiguration

Insecure deserialization

Cross-site scripting

58.

Question 58

Why should you always look for common patterns before starting a new security architecture design?

1 point

They can help identify best practices.

They can shorten the development lifecycle.

Some document complete tested solutions.

All of the above.

59.

Question 59

Which of these describes the process of data normalization in a SIEM?

1 point

Compresses incoming.

Allows for predictable and consistent storage for all records.

Removes duplicate records from incoming data.

Encrypts incoming data.

60.

Question 60

The partnership between security analysts and technology can be said to be grouped into 3 domains, human expertise, security analytics and artificial intelligence. The human expertise domain would contain which three (3) of these topics?

1 point

Abstraction

Pattern identification

Dilemmas

Machine learning

Anomaly detection

Morals

61.

Question 61

True or False. If you have no better place to start hunting threats, start with a view of the global threat landscape and then drill down to a regional view, industry view and finally a view of the threats specific to your own organization.

1 point

True

False

62.

Question 62

There is value brought by each of the IBM i2 EIA use cases. Which one of these provides immediate alerting on brand compromises and fraud on the dark web?

1 point

Insider Threat

Threat Discovery

Fraud Investigations

VIP Protection

63.

Question 63

Which three (3) soft skills are important to have in an organization's incident response team? (Select 3)

1 point

Teamwork

Problem solving and Critical thinking

Communication

Motivational

64.

Question 64

According to the IRIS Framework, during which stage of an attack would the attacker attempt to escalate their privileges, move laterally and conduct internal reconnaissance?

1 point

Attack beginnings.

Continue the attack, expand network access.

Launch and execute the attack.

Attack objective execution.

Continuous phases occur.

65.

Question 65

Which feature of this email is a red flag, indicating that it may be a phishing attack and not a legitimate account warning from PayPal?

<<insert Paypal phishing email graphic>>

1 point

Suspicious attachments.

Generic greetings and signature.

Poor quality layout.

There is a hyperlink in the body of the email.

66.

Question 66

Which three (3) of these are PCI-DSS requirements for any company handling, processing or transmitting credit card data? (Select 3)

1 point

All employees with direct access to cardholder data must change their passwords monthly.

Restrict access to cardholder data by business need-to-know.

Restrict physical access to cardholder data.

Assign a unique ID to each person with computer access.

67.

Question 67

Stolen credit card numbers are sold to brokers who resell them to carders who use them to buy prepaid credit cards that are then used to buy gift cards that will be used to buy merchandise that is shipped to a reshipper who sends it on to its final destination before it is sold for profit.

Why is such a complex process used instead of simply using the stolen numbers to buy the products that are desired?

1 point

Because stolen cards can rarely be used directly to purchase merchandise.

To make the end-to-end transaction very difficult to follow.

It is easier to get approval to use a credit card to purchase a prepaid credit card than it is to purchase merchandise.

If done quickly, there is a multiplying effect in play. The stolen credit card can be used to buy 3 or 4 prepaid cards each valued at the credit limit of the original card. The same is true for using each prepaid card to buy multiple gift cards and each gift card to buy more merchandise than its face value.

68.

Question 68

According to a 2019 Ponemon study, what percent of consumers indicated they would be willing to pay more for a product or service from a provider with better security?

1 point

12%

52%

82%

92%

69.

Question 69

You get email constantly telling you that your eBay account shows signs of suspicious activity and that you should log in using the link provided to restore your credentials. You have taken a great course on Cybersecurity, so you check and see the sender's email address is "[email protected]". Which attack vector is being used to try to compromise your system?

1 point

Malicious Links

Software Vulnerabilities

Phishing

Remote Desktop Protocol (RDP)

70.

Question 70

What is an effective fully automated way to prevent malware from entering your system as an email attachment?

1 point

A full system backup.

Anti-virus software.

Strong passwords.

Fully patched operating system and applications.

Homework Answers

Answer #1

56. SAST: Static Application Security Testing.

57. Cross-site scripting

58. All of the above

59. Removes duplicate records from incoming data.

60. Pattern identification, Dilemmas, Morals

61. True

62. Fraud Investigations

63. Teamwork, Problem solving and Critical thinking, Communication

64. Continue the attack, expand network access.

65. Incomplete question

66. Restrict access to cardholder data by business need-to-know, Restrict physical access to cardholder data, Assign a unique ID to each person with computer access.

67. To make the end-to-end transaction very difficult to follow.

68. 52%

69. Phishing

70. Fully patched operating systems and applications
