Question 6 of 614
Which statement is TRUE regarding network firewalls preventing Web Application attacks?
Answer

Suggested Answer

The suggested answer is B.

Network firewalls, often operating at the network or transport layer, primarily filter traffic based on protocol, port, and IP address. However, since web applications typically use HTTP and HTTPS protocols over ports 80 and 443, which must remain open for the applications to function, network firewalls cannot inherently distinguish between malicious and legitimate web traffic. Therefore, network firewalls alone cannot effectively prevent web application attacks, as these attacks often involve legitimate requests that exploit vulnerabilities in the application itself, necessitating more specialized security measures such as Web Application Firewalls (WAFs) to offer adequate protection.

Community Votes1 vote
BSuggested
100%
Question 7 of 614
Which of the following programs is usually targeted at Microsoft Office products?
Answer

Suggested Answer

The suggested answer is C.

A macro virus is specifically designed to exploit the macros within office software applications, such as Microsoft Office. These viruses are embedded within documents and automatically execute when the document is opened, making them a common threat to Microsoft Office products.

Community Votes

No votes yet

Join the discussion to cast yours

Question 8 of 614
Bluetooth uses which digital modulation technique to exchange information between paired devices?
Answer

Suggested Answer

The suggested answer is B.

Bluetooth primarily uses frequency-shift keying (FSK) for its communication. Specifically, it uses Gaussian Frequency-Shift Keying (GFSK) for basic data rates. While Phase-Shift Keying (PSK) is indeed used for Enhanced Data Rate (EDR) in Bluetooth, the fundamental modulation technique for basic Bluetooth communication is FSK. Therefore, FSK is the correct answer.

Community Votes1 vote
BSuggested
100%
Question 9 of 614
In order to show improvement of security over time, what must be developed?
Answer

Suggested Answer

The suggested answer is C.

To show improvement of security over time, metrics must be developed. Metrics provide quantifiable data that can be used to measure and track security performance, participation, effectiveness, and exposure windows. This information is essential for making informed decisions and improving security programs within an organization.

Community Votes

No votes yet

Join the discussion to cast yours

Question 10 of 614
Passive reconnaissance involves collecting information through which of the following?
Answer

Suggested Answer

The suggested answer is D.

Passive reconnaissance involves gathering information without directly interacting with the target system, thereby avoiding detection. This typically includes collecting data from publicly accessible sources such as websites, social media, publicly available reports, and other open-source intelligence. Other methods like social engineering, network traffic sniffing, and man-in-the-middle attacks would involve more active engagement, which does not align with the definition of passive reconnaissance.

Community Votes4 votes
DSuggested
100%