Renewal 312-50v10 Exam Study Guides With New Update Exam Questions

New Questions 3

What term describes the amount of risk that remains after the vulnerabilities are classified and the countermeasures have been deployed?

A. Deferred risk

B. Impact risk

C. Inherent risk

D. Residual risk

View Answer

New Questions 4

Insecure direct object reference is a type of vulnerability where the application does not verify if the user is authorized to access the internal object via its name or key.

Suppose a malicious user Rob tries to get access to the account of a benign user Ned.

Which of the following requests best illustrates an attempt to exploit an insecure direct object reference vulnerability?

A. u201cGET/restricted/goldtransfer?to=Rob&from=1 or 1=1u2021 HTTP/1.1Host: westbank.comu201d

B. u201cGET/restricted/accounts/?name=Ned HTTP/1.1 Host: westbank.comu201d

C. u201cGET/restricted/bank.getaccount(u2021Nedu2021) HTTP/1.1 Host: westbank.comu201d

D. u201cGET/restricted/rn%00account%00Ned%00access HTTP/1.1 Host: westbank.comu201d

View Answer

New Questions 5

If an attacker uses the command SELECT*FROM user WHERE name = u2021xu2021 AND userid IS NULL; --u2021; which type of SQL injection attack is the attacker performing?

A. End of Line Comment

B. UNION SQL Injection

C. Illegal/Logically Incorrect Query

D. Tautology

View Answer

New Questions 6

Which one of the following Google advanced search operators allows an attacker to restrict the results to those websites in the given domain?

A. [cache:]

B. [site:]

C. [inurl:]

D. [link:]

View Answer

New Questions 7

Which of the following antennas is commonly used in communications for a frequency band of 10 MHz to VHF and UHF?

A. Omnidirectional antenna

B. Dipole antenna

C. Yagi antenna

D. Parabolic grid antenna

View Answer

New Questions 8

You need to deploy a new web-based software package for your organization. The package requires three separate servers and needs to be available on the Internet. What is the recommended architecture in terms of server placement?

A. All three servers need to be placed internally

B. A web server facing the Internet, an application server on the internal network, a database server on the internal network

C. A web server and the database server facing the Internet, an application server on the internal network

D. All three servers need to face the Internet so that they can communicate between themselves

View Answer

New Questions 9

When does the Payment Card Industry Data Security Standard (PCI-DSS) require organizations to perform external and internal penetration testing?

A. At least twice a year or after any significant upgrade or modification

B. At least once a year and after any significant upgrade or modification

C. At least once every two years and after any significant upgrade or modification

D. At least once every three years or after any significant upgrade or modification

View Answer

New Questions 10

If you want only to scan fewer ports than the default scan using Nmap tool, which option would you use?

A. -sP

B. -P

C. -r

D. -F

View Answer

New Questions 11

Which of the following attacks exploits web age vulnerabilities that allow an attacker to force an unsuspecting useru2021s browser to send malicious requests they did not intend?

A. Command Injection Attacks

B. File Injection Attack

C. Cross-Site Request Forgery (CSRF)

D. Hidden Field Manipulation Attack

View Answer

New Questions 12

Alice encrypts her data using her public key PK and stores the encrypted data in the cloud. Which of the following attack scenarios will compromise the privacy of her data?

A. None of these scenarios compromise the privacy of Aliceu2021s data

B. Agent Andrew subpoenas Alice, forcing her to reveal her private key. However, the cloud server successfully resists Andrewu2021s attempt to access the stored data

C. Hacker Harry breaks into the cloud server and steals the encrypted data

D. Alice also stores her private key in the cloud, and Harry breaks into the cloud server as before

View Answer