CA Foundation Business Economics Questions 2023 - Part 32
Fri, 03 Mar 2023
1. Recently your users were redirected to a malicious site when theirDNS cache was polluted. What type of attack have you suffered?
A) shoulder surfing
B) pharming
C) Dumpster diving
D) phishing
2. Recently someone stole data from your network, and that data should have been encrypted, but it - s too late to figure out whether it was. What tool could you use to determine if certain types of traffic on your network are encrypted?
A) fuzzer
B) port scanner
C) protocol analyzer
D) password cracker
3. You implemented a procedure whereby a testing team was provided with limited knowledge of the network systems anddevices and could use publicly available information. The organization - s security team was NOT informed that an attack wascoming. What type of test have you implemented?
A) blind test
B) target test
C) full-knowledge test
D) double-blind test
4. Which of the following tenets has been satisfied when an organization takes all the actions it can reasonably take to preventsecurity issues or to mitigate damage if security breaches occur?
A) CIA
B) due diligence
C) due process
D) due care
5. Which SCAP component contains methods for describing and classifying operating systems?
A) CVE
B) CWE
C) CPE
D) CCE
A) shoulder surfing
B) pharming
C) Dumpster diving
D) phishing
2. Recently someone stole data from your network, and that data should have been encrypted, but it - s too late to figure out whether it was. What tool could you use to determine if certain types of traffic on your network are encrypted?
A) fuzzer
B) port scanner
C) protocol analyzer
D) password cracker
3. You implemented a procedure whereby a testing team was provided with limited knowledge of the network systems anddevices and could use publicly available information. The organization - s security team was NOT informed that an attack wascoming. What type of test have you implemented?
A) blind test
B) target test
C) full-knowledge test
D) double-blind test
4. Which of the following tenets has been satisfied when an organization takes all the actions it can reasonably take to preventsecurity issues or to mitigate damage if security breaches occur?
A) CIA
B) due diligence
C) due process
D) due care
5. Which SCAP component contains methods for describing and classifying operating systems?
A) CVE
B) CWE
C) CPE
D) CCE
1. Right Answer: B
Explanation: Pharming is similar to phishing, but pharming actually pollutes the contents of a computer s DNS cache so that requests to a legitimate site are routed to an alternate site.
2. Right Answer: C
Explanation: Protocol analyzers, or sniffers, collect raw packets from the network and are used by both legitimate security professionals and attackers. Using such a tool, you could tell if the traffic of interest is encrypted.
3. Right Answer: D
Explanation: In a double blind test, the testing team is provided with limited knowledge of the network systems and devices using publicly available information. The organization s security team does not know that an attack is coming.
4. Right Answer: D
Explanation: Due care means that an organization takes all the actions it can reasonably take to prevent security issues or to mitigate damage if security breaches occur.
5. Right Answer: C
Explanation: Common Platform Enumerations (CPE) are methods for describing and classifying operating systems applications and hardware devices.
Explanation: Pharming is similar to phishing, but pharming actually pollutes the contents of a computer s DNS cache so that requests to a legitimate site are routed to an alternate site.
2. Right Answer: C
Explanation: Protocol analyzers, or sniffers, collect raw packets from the network and are used by both legitimate security professionals and attackers. Using such a tool, you could tell if the traffic of interest is encrypted.
3. Right Answer: D
Explanation: In a double blind test, the testing team is provided with limited knowledge of the network systems and devices using publicly available information. The organization s security team does not know that an attack is coming.
4. Right Answer: D
Explanation: Due care means that an organization takes all the actions it can reasonably take to prevent security issues or to mitigate damage if security breaches occur.
5. Right Answer: C
Explanation: Common Platform Enumerations (CPE) are methods for describing and classifying operating systems applications and hardware devices.
0 Comments
Leave a comment
Categories
Recent posts
CA Foundation Business Economics Questions 2023 - Part 31
Fri, 03 Mar 2023
CA Foundation Business Economics Questions 2023 - Part 30
Fri, 03 Mar 2023
