- Email support@dumps4free.com
Susan, a software developer, wants her web API to update other applications with the
latest information. For this purpose, she uses a user-defined HTTP tailback or push APIs
that are raised based on trigger events: when invoked, this feature supplies data to other
applications so that users can instantly receive real-time Information.
Which of the following techniques is employed by Susan?
A.
web shells
B.
Webhoos
C.
REST API
D.
SOAP API
web shells
When a normal TCP connection starts, a destination host receives a SYN
(synchronize/start) packet from a source host and sends back a SYN/ACK (synchronize
acknowledge). The destination host must then hear an ACK (acknowledge) of the
SYN/ACK before the connection is established. This is referred to as the "TCP three-way
handshake." While waiting for the ACK to the SYN ACK, a connection queue of finite size
on the destination host keeps track of connections waiting to be completed. This queue
typically empties quickly since the ACK is expected to arrive a few milliseconds after the
SYN ACK.
How would an attacker exploit this design by launching TCP SYN attack?
A.
Attacker generates TCP SYN packets with random destination addresses towards a victim host
B.
Attacker floods TCP SYN packets with random source addresses towards a victim host
C.
Attacker generates TCP ACK packets with random source addresses towards a victim host
D.
Attacker generates TCP RST packets with random source addresses towards a victim host
Attacker floods TCP SYN packets with random source addresses towards a victim host
In the context of Windows Security, what is a 'null' user?
A.
A user that has no skills
B.
An account that has been suspended by the admin
C.
A pseudo account that has no username and password
D.
A pseudo account that was created for security administration purpose
A pseudo account that has no username and password
Sam, a professional hacker. targeted an organization with intention of compromising AWS
IAM credentials. He attempted to lure one of the employees of the organization by initiating
fake calls while posing as a legitimate employee. Moreover, he sent phishing emails to
steal the AWS 1AM credentials and further compromise the employee's account. What is
the technique used by Sam to compromise the AWS IAM credentials?
A.
Social engineering
B.
insider threat
C.
Password reuse
D.
Reverse engineering
Social engineering
Attacker Rony Installed a rogue access point within an organization's perimeter and
attempted to Intrude into its internal network. Johnson, a security auditor, identified some
unusual traffic in the internal network that is aimed at cracking the authentication
mechanism. He immediately turned off the targeted network and tested for any weak and
outdated security mechanisms that are open to attack. What is the type of vulnerability
assessment performed by Johnson in the above scenario?
A.
Distributed assessment
B.
Wireless network assessment
C.
Most-based assessment
D.
Application assessment
Wireless network assessment
Explanation:
Expanding your network capabilities are often done well using wireless networks, but it also
can be a source of harm to your data system . Deficiencies in its implementations or
configurations can allow tip to be accessed in an unauthorized manner.This makes it
imperative to closely monitor your wireless network while also conducting periodic Wireless
Network assessment.It identifies flaws and provides an unadulterated view of exactly how
vulnerable your systems are to malicious and unauthorized accesses.Identifying
misconfigurations and inconsistencies in wireless implementations and rogue access points
can improve your security posture and achieve compliance with regulatory frameworks.
| Page 24 out of 104 Pages |
| Previous |