applications

organization

An organization has automated the operation of critical infrastructure from a remote location. For this purpose, all the industrial control systems are connected to the INTERNET. To empower the manufacturing processs, ensure the reliability of industrial networks, and reduce downtime and service disruption, the organization decided to install an OT security tool that further protects against security incidents such as cyber espionage, zero-day attack, and malware. Which of the following tools must the organization employ to protect its critical infrastructure?

An organization has automated the operation of critical infrastructure from a remote location. For this purpose, all the industrial control systems are connected to the INTERNET. To empower the manufacturing processs, ensure the reliability of industrial networks, and reduce downtime and service disruption, the organization decided to install an OT security tool that further protects against security incidents such as cyber espionage, zero-day attack, and malware. Which of the following tools must the organization employ …

An organization has automated the operation of critical infrastructure from a remote location. For this purpose, all the industrial control systems are connected to the INTERNET. To empower the manufacturing processs, ensure the reliability of industrial networks, and reduce downtime and service disruption, the organization decided to install an OT security tool that further protects against security incidents such as cyber espionage, zero-day attack, and malware. Which of the following tools must the organization employ to protect its critical infrastructure? Read More »

web-server

In order to tailor your during a web-application scan, you decide to determine which web-server version is hosting the application. On using the sV flag with Nmap, you obtain the following response: 80/tcp open http-proxy Apache Server 7.1.6 What information-gathering technique does this best describe?

In order to tailor your during a web-application scan, you decide to determine which web-server version is hosting the application. On using the sV flag with Nmap, you obtain the following response: 80/tcp open http-proxy Apache Server 7.1.6 What information-gathering technique does this best describe? Option 1 : Banner grabbing Option 2 : Brute forcing Option 3 : WHOIS lookup Option 4 : Dictionary attack 1. Banner grabbing Banner grabbing is a technique wont to …

In order to tailor your during a web-application scan, you decide to determine which web-server version is hosting the application. On using the sV flag with Nmap, you obtain the following response: 80/tcp open http-proxy Apache Server 7.1.6 What information-gathering technique does this best describe? Read More »

SQL injection

Daniel is a professional hacker who is attempting to perform an SQL injection attack on a target website, www.moviescope.com. During this process, he encountered an IDS that detects SQL injection attempts based on predefined signatures. To evade any comparison statement, he attempted placing characters such as ‘” or ‘1’=’1″ in any basic injection statement such “or 1=1.” Identify the evasion technique used by Daniel in the above scenario.

Daniel is a professional hacker who is attempting to perform an SQL injection attack on a target website, www.moviescope.com. During this process, he encountered an IDS that detects SQL injection attempts based on predefined signatures. To evade any comparison statement, he attempted placing characters such as ‘” or ‘1’=’1″ in any basic injection statement such “or 1=1.” Identify the evasion technique used by Daniel in the above scenario. Option 1 : Variation Option 2 : …

Daniel is a professional hacker who is attempting to perform an SQL injection attack on a target website, www.moviescope.com. During this process, he encountered an IDS that detects SQL injection attempts based on predefined signatures. To evade any comparison statement, he attempted placing characters such as ‘” or ‘1’=’1″ in any basic injection statement such “or 1=1.” Identify the evasion technique used by Daniel in the above scenario. Read More »

cloud

There are multiple cloud deployment options depending on how isolated a customer’s resources are from those of other customers. Shared environment share the costs and allow each customer to enjoy lower operations expenses. One solution is for a customer to join with a group of users or organizations to share a cloud environment. What is this cloud deployment option called?

There are multiple cloud deployment options depending on how isolated a customer’s resources are from those of other customers. Shared environment share the costs and allow each customer to enjoy lower operations expenses. One solution is for a customer to join with a group of users or organizations to share a cloud environment. What is this cloud deployment option called? Option 1 : Private Option 2 : Community Option 3 : Public Option 4 : …

There are multiple cloud deployment options depending on how isolated a customer’s resources are from those of other customers. Shared environment share the costs and allow each customer to enjoy lower operations expenses. One solution is for a customer to join with a group of users or organizations to share a cloud environment. What is this cloud deployment option called? Read More »

container

Abel, a cloud architect, uses container technology to deploy applications/software including all its dependencies, such as libraries and configuration files, binaries, and other resources that run independently from other processes in the cloud environment. For the containerization of applications, he follows the five-tier conatiner technology architecture. Currently, Abel is verifying and validating image contents, signing images, and sending them to the registries. Which of the following tiers of the container technology architecture is Abel currently working in?

Abel, a cloud architect, uses container technology to deploy applications/software including all its dependencies, such as libraries and configuration files, binaries, and other resources that run independently from other processes in the cloud environment. For the containerization of applications, he follows the five-tier container technology architecture. Currently, Abel is verifying and validating image contents, signing images, and sending them to the registries. Which of the following tiers of the container technology architecture is Abel currently …

Abel, a cloud architect, uses container technology to deploy applications/software including all its dependencies, such as libraries and configuration files, binaries, and other resources that run independently from other processes in the cloud environment. For the containerization of applications, he follows the five-tier conatiner technology architecture. Currently, Abel is verifying and validating image contents, signing images, and sending them to the registries. Which of the following tiers of the container technology architecture is Abel currently working in? Read More »

iPhone

Steven connected his iPhone to a public computer that had been infected by Clark, an attacker. After establishing the connection with the public computer, Steven enabled iTunes WI-FI sync on the computer so that the device could continue communication with that computer even after being physically disconnected. Now, Clark gains access to Steven’s iPhone through the infected computer and is able to monitor and read all of Steven’s activity on the iPhone, even after the device is out of the communication zone. Which of the following attacks is performed by Clark in above scenario?

Steven connected his iPhone to a public computer that had been infected by Clark, an attacker. After establishing the connection with the public computer, Steven enabled iTunes WI-FI sync on the computer so that the device could continue communication with that computer even after being physically disconnected. Now, Clark gains access to Steven’s iPhone through the infected computer and is able to monitor and read all of Steven’s activity on the iPhone, even after the …

Steven connected his iPhone to a public computer that had been infected by Clark, an attacker. After establishing the connection with the public computer, Steven enabled iTunes WI-FI sync on the computer so that the device could continue communication with that computer even after being physically disconnected. Now, Clark gains access to Steven’s iPhone through the infected computer and is able to monitor and read all of Steven’s activity on the iPhone, even after the device is out of the communication zone. Which of the following attacks is performed by Clark in above scenario? Read More »

protocols

Which of the following protocols can be used to secure an LDAP service against anonymous queries?

Which of the following protocols can be used to secure an LDAP service against anonymous queries? Option 1 : WPA Option 2 : RADIUS Option 3 : NTLM Option 4 : SSO 1. WPA Wi-Fi Protected Access (WPA) could be a security standard for users of computing devices equipped with wireless web connections. WPA was developed by the Wi-Fi Alliance to produce a lot of subtle encoding and higher user authentication than Wired Equivalent Privacy …

Which of the following protocols can be used to secure an LDAP service against anonymous queries? Read More »

CISSP Secure Communications Channels According to Design – Bk2D4T11P1

Module Objectives Define Secure Communications Channels that support remote access services and collaboration. Voice Voice over Internet Protocol (VoIP) Voice over Internet Protocol (VoIP) is a technology that allows you to make voice calls using a broadband internet connection instead of a regular (or analog) phone line. VoIP is simply the transmission of voice traffic over IP-based networks. VoIP is also the foundation for more advanced unified communications channels applications such as web and video …

CISSP Secure Communications Channels According to Design – Bk2D4T11P1 Read More »