Topic 1: Exam Pool A
The Open Web Application Security Project (OWASP) Top Ten is a list of web application
security threats that is composed by a member-driven OWASP committee of application
development experts and published approximately every 24 months. The 2013 OWASP
Top Ten list includes “cross-site scripting (XSS).”
Which of the following is not a method for reducing the risk of XSS attacks?
Response:
A. Use an auto-escaping template system.
B. XML escape all identity assertions.
C. Sanitize HTML markup with a library designed for the purpose.
D. HTML escape JSON values in an HTML context and read the data with JSON.parse.
Sanitize HTML markup with a library designed for the purpose.
Which of the following are considered to be the building blocks of cloud computing?
Response:
A. Data, access control, virtualization, and services
B. Storage, networking, printing and virtualization
C. CPU, RAM, storage and networking
D. Data, CPU, RAM, and access control
CPU, RAM, storage and networking
What is used with a single sign-on system for authentication after the identity provider has
successfully authenticated a user?
Response:
A. Token
B. Key
C. XML
D. SAML
Token
Which of the following is the correct name for Tier II of the Uptime Institute Data
Center Site Infrastructure Tier Standard Topology?
A. Concurrently Maintainable Site Infrastructure
B. Fault-Tolerant Site Infrastructure
C. Basic Site Infrastructure
D. Redundant Site Infrastructure Capacity Components
Redundant Site Infrastructure Capacity Components
Which of the following tools might be useful in data discovery efforts that are based
on content analysis?
A. DLP
B. Digital Rights Management (DRM)
C. iSCSI
D. Fibre Channel over Ethernet (FCoE)
DLP