CA Foundation Business Economics Questions 2023 - Part 32
Fri, 03 Mar 2023
1. What design measure is the solution to most XSS and CSRF attacks?
A) tripwire
B) iptables
C) ACLs
D) input validation
2. Which of the following applies rule sets to an HTTP conversation?
A) HSM
B) SIEM
C) NIPS
D) WAF
3. A group of your software developers just reviewed code while the author explained his reasoning. What type of code review have they just completed?
A) email
B) tool assisted
C) over-the-shoulder
D) pair programming
4. Which of the following is used to provision certificates to network devices, including mobile devices?
A) OSCP
B) BYOD
C) SCEP
D) COPE
5. ACLs are susceptible to what type of attack?
A) IP spoofing
B) DNS poisoning
C) MAC spoofing
D) whaling
A) tripwire
B) iptables
C) ACLs
D) input validation
2. Which of the following applies rule sets to an HTTP conversation?
A) HSM
B) SIEM
C) NIPS
D) WAF
3. A group of your software developers just reviewed code while the author explained his reasoning. What type of code review have they just completed?
A) email
B) tool assisted
C) over-the-shoulder
D) pair programming
4. Which of the following is used to provision certificates to network devices, including mobile devices?
A) OSCP
B) BYOD
C) SCEP
D) COPE
5. ACLs are susceptible to what type of attack?
A) IP spoofing
B) DNS poisoning
C) MAC spoofing
D) whaling
1. Right Answer: D
Explanation: Input validation is the process of checking all input for things such as proper format and proper length.
2. Right Answer: D
Explanation: A web application firewall (WAF) applies rule sets to an HTTP conversation. These sets cover common attack types to which these session types are susceptible.
3. Right Answer: C
Explanation: In over-the-shoulder code review, coworkers review the code while the author explains his reasoning.
4. Right Answer: C
Explanation: Simple Certificate Enrollment Protocol (SCEP) is used to provision certificates to network devices, including mobile devices.
5. Right Answer: A
Explanation: The inherent limitation of ACLs is their inability to detect whether IP spoofing is occurring. IP address spoofing is a technique hackers use to hide their trail or to masquerade as other computers. A hacker alters the IP address as it appears in a packet to attempt to allow the packet to get through an ACL that is based on IP addresses.
Explanation: Input validation is the process of checking all input for things such as proper format and proper length.
2. Right Answer: D
Explanation: A web application firewall (WAF) applies rule sets to an HTTP conversation. These sets cover common attack types to which these session types are susceptible.
3. Right Answer: C
Explanation: In over-the-shoulder code review, coworkers review the code while the author explains his reasoning.
4. Right Answer: C
Explanation: Simple Certificate Enrollment Protocol (SCEP) is used to provision certificates to network devices, including mobile devices.
5. Right Answer: A
Explanation: The inherent limitation of ACLs is their inability to detect whether IP spoofing is occurring. IP address spoofing is a technique hackers use to hide their trail or to masquerade as other computers. A hacker alters the IP address as it appears in a packet to attempt to allow the packet to get through an ACL that is based on IP addresses.
0 Comments
Leave a comment
Categories
Recent posts
CA Foundation Business Economics Questions 2023 - Part 31
Fri, 03 Mar 2023
CA Foundation Business Economics Questions 2023 - Part 30
Fri, 03 Mar 2023
