Which of the following is a countermeasure to prevent unauthorized database access from web applications?

• A.Session encryption
• B.Input sanitization
• C.Library control
• D.Removing all stored procedures

Comment: *

Name: *

Email: *

Verification: *

You are having a penetration test done on your company network and the leader of the team says they discovered all the network devices because no one had changed the Simple Network Management Protocol (SNMP) community strings from the defaults. Which of the following is a default community string?

• A.Read
• B.Execute
• C.Administrator
• D.Public

Comment: *

Name: *

Email: *

Verification: *

A security professional has been promoted to be the CISO of an organization. The first task is to create a security policy for this organization. The CISO creates and publishes the security policy. This policy however, is ignored and not enforced consistently. Which of the following is the MOST likely reason for the policy shortcomings?

• A.Lack of a formal security awareness program
• B.Lack of a formal security policy governance process
• C.Lack of formal definition of roles and responsibilities
• D.Lack of a formal risk management policy

Comment: *

Name: *

Email: *

Verification: *

Which of the following strategies provides the BEST response to a ransomware attack?

• A.Daily full backup
• B.Daily incremental backup
• C.Daily differential backup
• D.Real-time off-site replication

Comment: *

Name: *

Email: *

Verification: *

The Information Security Management program MUST protect:

• A.critical business processes and /or revenue streams
• B.all organizational assets
• C.against distributed denial of service attacks
• D.intellectual property released into the public domain

Comment: *

Name: *

Email: *

Verification: *