Question 1

Which of the following was developed by Microsoft and was said to be safe due to cryptographically signed by the developer?

Accepted Answer

A)  JavaScript 
B)  Active-X 
C)  Java 
D)  VBScript 
A)  JavaScript 
B)  Active-X 
C)  Java 
D)  VBScript

Question 2

Which of the following uses a circles of trust?

Accepted Answer

A)  PKI 
B)  S/MIME 
C)  PGP 
D)  ISS 
A)  PKI 
B)  S/MIME 
C)  PGP 
D)  ISS

Question 3

Webserver programs often have components that come from different companies.

Accepted Answer

A) True 
 B)False

Question 4

Which of the following is a signaling protocol?

Accepted Answer

A)  VoIP 
B)  SIP 
C)  UDP 
D)  RTP 
A)  VoIP 
B)  SIP 
C)  UDP 
D)  RTP

Question 5

In Microsoft Windows, the native webserver program is ________.

Accepted Answer

A)  Ajax 
B)  ISS 
C)  C 
D)  IPP 
A)  Ajax 
B)  ISS 
C)  C 
D)  IPP

Question 6

If an attacker enters more bytes into an area than it can accommodate, the extra is known as ________.

Accepted Answer

A)  stack overflow 
B)  buffer overflow 
C)  overfiltering 
D)  a data buffer 
A)  stack overflow 
B)  buffer overflow 
C)  overfiltering 
D)  a data buffer

Question 7

VoIP and the PSTN use different transport technology.

Accepted Answer

A) True 
 B)False

Question 8

Which of the following provides end-to-end e-mail security?

Accepted Answer

A)  PKI 
B)  PGP 
C)  ISS 
D)  S/MIME 
A)  PKI 
B)  PGP 
C)  ISS 
D)  S/MIME

Question 9

________ uses multiple technologies to create dynamic client-side applications.

Accepted Answer

A)  Ajax 
B)  C 
C)  IPP 
D)  SQL 
A)  Ajax 
B)  C 
C)  IPP 
D)  SQL

Question 10

________ is an attack that involves sending modified SQL statements to a web application that will, in turn, modify a database.

Accepted Answer

A)  Login screen bypass 
B)  Cross-site scripting 
C)  An SQL query 
D)  SQL injection 
A)  Login screen bypass 
B)  Cross-site scripting 
C)  An SQL query 
D)  SQL injection

Question 11

PGP has had most success in person-to-person communication without corporate control.

Accepted Answer

A) True 
 B)False

Question 12

________ is considered unsolicited commercial e-mail.

Accepted Answer

A)  A cookie 
B)  A virus 
C)  Spam 
D)  A buffer 
A)  A cookie 
B)  A virus 
C)  Spam 
D)  A buffer

Question 13

A goal of VoIP is to provide convergence.

Accepted Answer

A) True 
 B)False

Question 14

Websites do not typically have the ability to log responses of various error messages.

Accepted Answer

A) True 
 B)False

Question 15

A danger of website programming is accidentally allowing ________.

Accepted Answer

A)  IIS 
B)  IPP 
C)  XSS 
D)  SQL 
A)  IIS 
B)  IPP 
C)  XSS 
D)  SQL

Question 16

When a hacker is able to take over control of a host, nearly or completely, this indicates the hacker has ________.

Accepted Answer

A)  super user privileges 
B)  system privileges 
C)  Session Initiation Protocol 
D)  Simple Network Management Protocol 
A)  super user privileges 
B)  system privileges 
C)  Session Initiation Protocol 
D)  Simple Network Management Protocol

Question 17

What are Nikto, Paros Proxy, and Acunetix?

Accepted Answer

A)  Webserver-specific vulnerability assessment tools 
B)  Directory traversal attackers 
C)  Mobile code tools 
D)  Website defacement tools 
A)  Webserver-specific vulnerability assessment tools 
B)  Directory traversal attackers 
C)  Mobile code tools 
D)  Website defacement tools

Question 18

SIP proxy servers are used primarily in ________.

Accepted Answer

A)  RTP packets 
B)  signaling transmissions 
C)  transport transmissions 
D)  PSTN 
A)  RTP packets 
B)  signaling transmissions 
C)  transport transmissions 
D)  PSTN

Question 19

VoIP and the PSTN use different codecs.

Accepted Answer

A) True 
 B)False

Question 20

________ are small programs and are probably the safest because many attack-related actions are disabled.

Accepted Answer

A)  Ajaxes 
B)  Java applets 
C)  Cookies 
D)  Stack entries 
A)  Ajaxes 
B)  Java applets 
C)  Cookies 
D)  Stack entries

Which of the following was developed by Microsoft and was said to be safe due to cryptographically signed by the developer?

Which of the following uses a circles of trust?

Webserver programs often have components that come from different companies.

Which of the following is a signaling protocol?

In Microsoft Windows, the native webserver program is ________.

If an attacker enters more bytes into an area than it can accommodate, the extra is known as ________.

VoIP and the PSTN use different transport technology.

Which of the following provides end-to-end e-mail security?

________ uses multiple technologies to create dynamic client-side applications.

________ is an attack that involves sending modified SQL statements to a web application that will, in turn, modify a database.

PGP has had most success in person-to-person communication without corporate control.

________ is considered unsolicited commercial e-mail.

A goal of VoIP is to provide convergence.

Websites do not typically have the ability to log responses of various error messages.

A danger of website programming is accidentally allowing ________.

When a hacker is able to take over control of a host, nearly or completely, this indicates the hacker has ________.

What are Nikto, Paros Proxy, and Acunetix?

SIP proxy servers are used primarily in ________.

VoIP and the PSTN use different codecs.

________ are small programs and are probably the safest because many attack-related actions are disabled.

The Threat Environment

Planning and Policy

Cryptography

Secure Networks

Access Control

Firewalls

Host Hardening

Data Protection

Incident and Disaster Response

Module a Networking Concepts

Filters

Exam 8: Application Security

Which of the following was developed by Microsoft and was said to be safe due to cryptographically signed by the developer?

Which of the following uses a circles of trust?

Webserver programs often have components that come from different companies.

Which of the following is a signaling protocol?

In Microsoft Windows, the native webserver program is ________.

If an attacker enters more bytes into an area than it can accommodate, the extra is known as ________.

VoIP and the PSTN use different transport technology.

Which of the following provides end-to-end e-mail security?

________ uses multiple technologies to create dynamic client-side applications.

________ is an attack that involves sending modified SQL statements to a web application that will, in turn, modify a database.

PGP has had most success in person-to-person communication without corporate control.

________ is considered unsolicited commercial e-mail.

A goal of VoIP is to provide convergence.

Websites do not typically have the ability to log responses of various error messages.

A danger of website programming is accidentally allowing ________.

When a hacker is able to take over control of a host, nearly or completely, this indicates the hacker has ________.

What are Nikto, Paros Proxy, and Acunetix?

SIP proxy servers are used primarily in ________.

VoIP and the PSTN use different codecs.

________ are small programs and are probably the safest because many attack-related actions are disabled.

The Threat Environment

Planning and Policy

Cryptography

Secure Networks

Access Control

Firewalls

Host Hardening

Data Protection

Incident and Disaster Response

Module a Networking Concepts

Filters