Topic 1: Exam Pool A
Which of the following is the best countermeasure to encrypting ransomware?
A. Use multiple antivirus software products
B. Keep some generation of off-line backup
C. Analyze the ransomware to get decryption key of encrypted data
D. Pay a ransom
Answer: Keep some generation of off-line backup

What is the minimum number of network connections in a multi-homed firewall?
A. 3
B. 5
C. 4
D. 2
Answer: 3

In which of the following cryptographic attack methods does the attacker make a series of interactive queries, choosing subsequent plaintexts based on the information from the previous encryptions?
A. Chosen-plaintext attack
B. Ciphertext-only attack
C. Adaptive chosen-plaintext attack
D. Known-plaintext attack
Answer: Chosen-plaintext attack

Insecure direct object reference is a type of vulnerability where the application does not verify if the user is authorized to access the internal object via its name or key. Suppose a malicious user Rob tries to get access to the account of a benign user Ned. Which of the following requests best illustrates an attempt to exploit an insecure direct object reference vulnerability?
A. “GET /restricted/goldtransfer?to=Rob&from=1 or 1=1’ HTTP/1.1 Host: westbank.com”
B. “GET /restricted/accounts/?name=Ned HTTP/1.1 Host: westbank.com”
C. “GET /restricted/bank.getaccount(‘Ned’) HTTP/1.1 Host: westbank.com”
D. “GET /restricted/\r\n\%00account%00Ned%00access HTTP/1.1 Host: westbank.com”
Answer: “GET /restricted/accounts/?name=Ned HTTP/1.1 Host: westbank.com”

When performing a risk assessment, you need to determine the potential impact when some of the company's critical business processes are interrupted. What is the name of the process by which you can determine those critical business processes?
A. Risk Mitigation
B. Emergency Plan Response (EPR)
C. Disaster Recovery Planning (DRP)
D. Business Impact Analysis (BIA)
Answer: Business Impact Analysis (BIA)