- (Exam Topic 3)
A company has alerted planning the implemented a vulnerability management procedure. However, to security maturity level is low, so there are some prerequisites to complete before risk calculation and prioritization. Which of the following should be completed FIRST?
Correct Answer:
D
- (Exam Topic 1)
A system administrator is doing network reconnaissance of a company’s external network to determine the vulnerability of various services that are running. Sending some sample traffic to the external host, the administrator obtains the following packet capture:
Based on the output, which of the following services should be further tested for vulnerabilities?
Correct Answer:
A
- (Exam Topic 3)
Due to a rise m cyberattackers seeking PHI, a healthcare company that collects highly sensitive data from millions of customers is deploying a solution that will ensure the customers' data is protected by the organization internally and externally Which of the following countermeasures can BEST prevent the loss of customers' sensitive data?
Correct Answer:
C
- (Exam Topic 3)
Which of the following is the software development process by which function, usability, and scenarios are tested against a known set of base requirements?
Correct Answer:
C
"User acceptance testing (UAT) is the last phase of the software testing process. During UAT, actual software users test the software to make sure it can handle required tasks in real-world scenarios, according to specifications." https://www.plutora.com/blog/uat-user-acceptance-testing
- (Exam Topic 3)
A code review reveals a web application is using lime-based cookies for session management. This is a security concern because lime-based cookies are easy to:
Correct Answer:
B
