Saint com545 final exam

Question

Question 1. Question :

Which type of endpoint communication is not susceptible to malware (virus) infection?

E-mail

SMS message

instant message/chat

Internet browsing

Pots Received: 1 of 1

Comments:

Question 2. Question :

Which of the following merchant levels must scan the networks at least quarterly to be compliance with PCI DSS?

Level 1 (more than 6 million transactions a year)

Level 2 (1 million to 6 million transactions a year)

Level 3 (20,000 to 1 million transactions a year)

All merchants, no matter the size, must scan at least quarterly

Pots Received: 1 of 1

Comments:

Question 3. Question :

When using an endpoint device, for which type of communication do you need to stall software to encrypt communications?

Cellular voice

E-mail

Internet browsing

Instant message/chat

Pots Received: 0 of 1

Comments:

Question 4. Question :

You are responsible for acquiring networks equipment at work. One of your users would like a very lightweight, highly portable device to take on the road for checking e-mail and browsing the internet. The device needs Wi-Fi and cellular connectivity, and an 8- to 10-ch screen. Value-add items include an MP3 player, an e-reader, and PDA features. Which would be the best choice for this user?

Smartphone

Laptop computer

Tablet PC, such as an iPad

E-reader

Pots Received: 1 of 1

Comments:

Question 5. Question :

Which of the following mobile communication methods is subject to the least security risk?

Voice calls

IM chat

E-mail

Text message

Pots Received: 1 of 1

Comments:

Question 6. Question :

During which stage of the software development life cycle do developers clearly establish an application’s features and operational functions?

Maintenance

Implementation

Design

Testing

Pots Received: 1 of 1

Comments:

Question 7. Question :

Which of the following is not an example of store-and-forward communication?

Presence/availability

A message on Facebook

Voice mail

E-mail

Pots Received: 1 of 1

Comments:

Question 8. Question :

An extension of SMS that allows a user to send and receive multimedia is called __________.

MMS

LMS

BMS

VMS

Pots Received: 1 of 1

Comments:

Question 9. Question :

Testing an application to verify how well it functions with other software is commonly referred to as __________.

regression testing

compatibility testing

unit testing

software stress testing

Pots Received: 1 of 1

Comments:

Question 10. Question :

Which section of a vulnerability and security assessment report is designed for management and highlights the most critical pots throughout the report?

Summary of findings

Recommended remediation

Executive summary

None of the above

Pots Received: 1 of 1

Comments:

Question 11. Question :

What new risk will users of 4G networks encounter?

Threat from viruses and other malware from IP-based systems

Weaker encryption as compared to 3G networks

creased threat of eavesdropping from mobile network scanners

Proprietary nature of the network can lock customers

Pots Received: 1 of 1

Comments:

Question 12. Question :

Which of the following can help you pinpoint problems with an e-commerce site?

Bounce rate

Shopping cart abandonment statistics

Visitor paths

All of the above

Pots Received: 1 of 1

Comments:

Question 13. Question :

Consider a person who logs to a Web site with a username and password. Which process allows the user access based upon credentials?

Authorization

Accountability

Auditing

Authentication

Pots Received: 1 of 1

Comments:

Question 14. Question :

Which of the following is not an advantage of software configuration management (SCM)?

Ensures greater control

Prevents unauthorized changes

Allows easier management of the software

Can be used the place of traditional backups

Pots Received: 1 of 1

Comments:

Question 15. Question :

What is the first step when performing a Web site security assessment?

Perform penetration testing to discover vulnerabilities.

Identify the components that make up the Web site.

Attempt to escalate privileges on the Web site.

Test forms for put validation.

Pots Received: 1 of 1

Comments:

Question 16. Question :

What is generally not a best practice for implementing VoIP?

Segregate traffic from data network.

Use VLANs to protect and prioritize VoIP traffic.

Patch systems and keep antivirus software up to date.

Do not use VPNs.

Pots Received: 1 of 1

Comments:

Question 17. Question :

Durg which aspect of a multimedia connection does SIP discover and detect the user to be reached?

User availability

User capabilities

Session setup

User location

Pots Received: 1 of 1

Comments:

Question 18. Question :

Which of the following is not an example of a real-time communication?

Presence/availability

Voice mail

Collaboration

An ordary telephone call

Pots Received: 1 of 1

Comments:

Question 19. Question :

An online merchant that experiences a security breach and found not to be compliance with PCI DSS can:

suffer monetary loss.

have lawsuits directed against them.

lose their reputation.

all of the above.

Pots Received: 1 of 1

Comments:

Question 20. Question :

Which of the following negatively affects the quality of real-time communications?

Latency

Persistence

Centralization

SIP

Pots Received: 1 of 1

Comments:

Question 21. Question :

What advantage can whole-device encryption provide to the owner of a mobile device?

Data is encrypted across the network.

E-mail is encrypted.

The device is rendered accessible when away from the owner.

Data encryption is not needed when the device is use.

Pots Received: 1 of 1

Comments:

Question 22. Question :

You want to know which geographic areas your Web site visitors come from. Which Web site analytic statistic can provide this formation?

Browser statistics

Bounce rate

Visitor path

Visitor location

Pots Received: 1 of 1

Comments:

Question 23. Question :

Which phase of a Web security assessment involves conducting finger printing to help identify the components of the Web site platform?

Attack

Report

Penetration

Enumeration

Pots Received: 1 of 1

Comments:

Question 24. Question :

What is one of the most commonly exploited areas of interactive Web applications today?

User put

HTTP header manipulation

Session formation

None of the above

Pots Received: 0 of 1

Comments:

Question 25. Question :

Which feature generally distinguishes a Smartphone from an ordinary cell phone?

Voice mail

Operating system

Numeric keypad

SIM chip

Pots Received: 1 of 1

Comments:

Question 26. Question :

Consider a person who logs to a Web site with a username and password. Which process tracks mechanisms used to keep a record of events on the system?

Authorization

Authentication

Auditg

Accountability

Pots Received: 0 of 1

Comments:

Question 27. Question :

What type of validation is more important from a security perspective for a Web application?

Client side

Browser side

Network side

Server side

Pots Received: 0 of 1

Comments:

Question 28. Question :

A consumer makes a credit card purchase at a gas station and the credit card is credited immediately. What is the name of this process?

Batch processg

Real-time processg

Cash processg

Delayed processg

Pots Received: 1 of 1

Comments:

Question 29. Question :

What does XSS exploit a Web application?

Weak accountability

Misconfigured servers

Buffer overflows

validated user put

Pots Received: 1 of 1

Comments:

Question 30. Question :

Which of the following is a best practice for performing a security assessment and vulnerability scan?

Ignoring authenticated testing and relying on non-authenticated scans.

Using multiple tools for the same function.

Hiring a black-hat hacker to perform the planned attacks.

Ensuring that system administrators are unaware of the planned attacks.

Pots Received: 1 of 1

Comments: