Question 1

Under what Internet Options tabs are general security settings for websites controlled?

Accepted Answer

A)  Privacy 
B)  Security 
C)  Protection 
D)  Advanced 
A)  Privacy 
B)  Security 
C)  Protection 
D)  Advanced B

Question 2

Website defacement occurs when attackers take over a computer and produce false web pages.

Accepted Answer

A) True 
 B)False  False

Question 3

Which of the following statements accurately describes Skype?

Accepted Answer

A)  Skype controls who can register a particular person's name. 
B)  Skype cannot decrypt or read user traffic. 
C)  Skype's proprietary software and protocols have not been publicly studied and approved. 
D)  None of the above 
A)  Skype controls who can register a particular person's name. 
B)  Skype cannot decrypt or read user traffic. 
C)  Skype's proprietary software and protocols have not been publicly studied and approved. 
D)  None of the above C

Question 4

In IM, all messages pass through a ________ server.

Accepted Answer

A)  relay 
B)  presence 
C)  Both A and B 
D)  Neither A nor B 
A)  relay 
B)  presence 
C)  Both A and B 
D)  Neither A nor B

Question 5

E-commerce software is not complex and has few subsystems.

Accepted Answer

A) True 
 B)False

Question 6

For all applications, a basic rule is ________.

Accepted Answer

A)  always trust user input 
B)  sometimes trust user input 
C)  never trust user input 
D)  None of the above 
A)  always trust user input 
B)  sometimes trust user input 
C)  never trust user input 
D)  None of the above

Question 7

________ errors may indicate that an attacker is trying to send invalid data to the server.

Accepted Answer

A)  404 
B)  303 
C)  500 
D)  512 
A)  404 
B)  303 
C)  500 
D)  512

Question 8

SPIT is where the attacker uses the corporate VoIP network to place free calls.

Accepted Answer

A) True 
 B)False

Question 9

RTP adds ________ to UDP.

Accepted Answer

A)  security 
B)  sequence numbers 
C)  Both A and B 
D)  Neither A nor B 
A)  security 
B)  sequence numbers 
C)  Both A and B 
D)  Neither A nor B

Question 10

Cookies are dangerous because they ________.

Accepted Answer

A)  allow a website to track what pages you have visited 
B)  may contain sensitive private information about you 
C)  Both A and B 
D)  Neither A nor B 
A)  allow a website to track what pages you have visited 
B)  may contain sensitive private information about you 
C)  Both A and B 
D)  Neither A nor B

Question 11

SIP requires port ________ to be open.

Accepted Answer

A)  47 
B)  505 
C)  3434 
D)  5060 
A)  47 
B)  505 
C)  3434 
D)  5060

Question 12

Skype's file transfer generally does not work with antivirus programs.

Accepted Answer

A) True 
 B)False

Question 13

A down side of spam filtering is the deletion of some legitimate messages.

Accepted Answer

A) True 
 B)False

Question 14

JavaScript is a scripted form of Java.

Accepted Answer

A) True 
 B)False

Question 15

Operating system hardening is more total work than application hardening.

Accepted Answer

A) True 
 B)False

Question 16

Attacks in which a user reaches a directory outside of the WWW root directory and its subdirectories is called a(n) ________ attack.

Accepted Answer

A)  cross-site scripting 
B)  SQL injection 
C)  mobile code 
D)  directory traversal 
A)  cross-site scripting 
B)  SQL injection 
C)  mobile code 
D)  directory traversal

Question 17

Users usually must click on malicious links in order to execute them.

Accepted Answer

A) True 
 B)False

Question 18

Whisker is a popular tool for ________.

Accepted Answer

A)  reading website error logs 
B)  providing a webserver proxy in front of the webserver 
C)  conducting vulnerability testing on webservers 
D)  All of the above 
A)  reading website error logs 
B)  providing a webserver proxy in front of the webserver 
C)  conducting vulnerability testing on webservers 
D)  All of the above

Question 19

Code on a webpage that is executed on the client PC is ________.

Accepted Answer

A)  a Trojan horse 
B)  a Virus 
C)  mobile code 
D)  an XSS attack 
A)  a Trojan horse 
B)  a Virus 
C)  mobile code 
D)  an XSS attack

Question 20

________ offers no security at all.

Accepted Answer

A)  SNMP V1 
B)  SNMP V2 
C)  SNMP V3 
D)  All of the above offer security. 
A)  SNMP V1 
B)  SNMP V2 
C)  SNMP V3 
D)  All of the above offer security.

Under what Internet Options tabs are general security settings for websites controlled?

Website defacement occurs when attackers take over a computer and produce false web pages.

Which of the following statements accurately describes Skype?

In IM, all messages pass through a ________ server.

E-commerce software is not complex and has few subsystems.

For all applications, a basic rule is ________.

________ errors may indicate that an attacker is trying to send invalid data to the server.

SPIT is where the attacker uses the corporate VoIP network to place free calls.

RTP adds ________ to UDP.

Cookies are dangerous because they ________.

SIP requires port ________ to be open.

Skype's file transfer generally does not work with antivirus programs.

A down side of spam filtering is the deletion of some legitimate messages.

JavaScript is a scripted form of Java.

Operating system hardening is more total work than application hardening.

Attacks in which a user reaches a directory outside of the WWW root directory and its subdirectories is called a(n) ________ attack.

Users usually must click on malicious links in order to execute them.

Whisker is a popular tool for ________.

Code on a webpage that is executed on the client PC is ________.

________ offers no security at all.

The Threat Environment

Planning and Policy

Cryptography

Secure Networks

Access Control

Firewalls

Host Hardening

Data Protection

Incident and Disaster Response

Module A: Networking Concepts

Filters

Exam 8: Application Security

Under what Internet Options tabs are general security settings for websites controlled?

Website defacement occurs when attackers take over a computer and produce false web pages.

Which of the following statements accurately describes Skype?

In IM, all messages pass through a ________ server.

E-commerce software is not complex and has few subsystems.

For all applications, a basic rule is ________.

________ errors may indicate that an attacker is trying to send invalid data to the server.

SPIT is where the attacker uses the corporate VoIP network to place free calls.

RTP adds ________ to UDP.

Cookies are dangerous because they ________.

SIP requires port ________ to be open.

Skype's file transfer generally does not work with antivirus programs.

A down side of spam filtering is the deletion of some legitimate messages.

JavaScript is a scripted form of Java.

Operating system hardening is more total work than application hardening.

Attacks in which a user reaches a directory outside of the WWW root directory and its subdirectories is called a(n) ________ attack.

Users usually must click on malicious links in order to execute them.

Whisker is a popular tool for ________.

Code on a webpage that is executed on the client PC is ________.

________ offers no security at all.

The Threat Environment

Planning and Policy

Cryptography

Secure Networks

Access Control

Firewalls

Host Hardening

Data Protection

Incident and Disaster Response

Module A: Networking Concepts

Filters