- Email support@dumps4free.com
Topic 1: Exam Pool A
A company’s security policy states that all Web browsers must automatically delete their
HTTP browser cookies upon terminating. What sort of security breach is this policy
attempting to mitigate?
A.
Attempts by attackers to access the user and password information stored in the
company’s SQL database.
B.
Attempts by attackers to access Web sites that trust the Web browser user by stealing
the user’s authentication credentials.
C.
Attempts by attackers to access password stored on the user’s computer without the
user’s knowledge.
D.
Attempts by attackers to determine the user’s Web browser usage patterns, including
when sites were visited and for how long.
Attempts by attackers to access Web sites that trust the Web browser user by stealing
the user’s authentication credentials.
What does a firewall check to prevent particular ports and applications from getting packets
into an organization?
A.
Transport layer port numbers and application layer headers
B.
Presentation layer headers and the session layer port numbers
C.
Network layer headers and the session layer port numbers
D.
Application layer port numbers and the transport layer headers
Transport layer port numbers and application layer headers
Peter, a Network Administrator, has come to you looking for advice on a tool that would
help him perform SNMP enquires over the network.
Which of these tools would do the SNMP enumeration he is looking for? Select the best
answers.
A.
SNMPUtil
B.
SNScan
C.
SNMPScan
D.
Solarwinds IP Network Browser
E.
NMap
SNMPUtil
SNScan
Solarwinds IP Network Browser
Susan has attached to her company's network. She has managed to synchronize her
boss's sessions with that of the file server. She then intercepted his traffic destined for the
server, changed it the way she wanted to and then placed it on the server in his home
directory.
What kind of attack is Susan carrying on?
A.
A sniffing attack
B.
A spoofing attack
C.
A man in the middle attack
D.
A denial of service attack
A man in the middle attack
By using a smart card and pin, you are using a two-factor authentication that satisfies
A.
Something you are and something you remember
B.
Something you have and something you know
C.
Something you know and something you are
D.
Something you have and something you are
Something you have and something you know
Explanation: Two-factor Authentication or 2FA is a user identity verification method, where
two of the three possible authentication factors are combined to grant access to a website
or application.1) something the user knows, 2) something the user has, or 3) something the
user is.
The possible factors of authentication are:
· Something the User Knows:
This is often a password, passphrase, PIN, or secret question. To satisfy this authentication
challenge, the user must provide information that matches the answers previously provided
to the organization by that user, such as “Name the town in which you were born.”
· Something the User Has:
This involves entering a one-time password generated by a hardware authenticator. Users
carry around an authentication device that will generate a one-time password on command.
Users then authenticate by providing this code to the organization. Today, many
organizations offer software authenticators that can be installed on the user’s mobile
device.
· Something the User Is:
This third authentication factor requires the user to authenticate using biometric data. This
can include fingerprint scans, facial scans, behavioral biometrics, and more.
For example: In internet security, the most used factors of authentication are:
something the user has (e.g., a bank card) and something the user knows (e.g., a PIN
code). This is two-factor authentication. Two-factor authentication is also sometimes
referred to as strong authentication, Two-Step Verification, or 2FA.
The key difference between Multi-Factor Authentication (MFA) and Two-Factor Authentication (2FA) is that, as the term implies, Two-Factor Authentication utilizes a
combination of two out of three possible authentication factors. In contrast, Multi-Factor
Authentication could utilize two or more of these authentication factors.
| Page 21 out of 114 Pages |
| Previous |