A penetration tester is inspecting traffic on a new mobile banking application and sends the following web request:
POSThttp://www.example.com/resources/NewBankAccount
HTTP/1.1
Content-type: application/json
{
"account":
[
{ "creditAccount":"Credit Card Rewards account"}
{ "salesLeadRef":"www.example.com/badcontent/exploitme.exe"}
],
"customer":
[
{ "name":"Joe Citizen"}
{ "custRef":"3153151"}
]
}
The banking website responds with:
HTTP/1.1 200 OK
{
"newAccountDetails":
[
{ "cardNumber":"1234123412341234"}
{ "cardExpiry":"2020-12-31"}
{ "cardCVV":"909"}
],
"marketingCookieTracker":"JSESSIONID=000000001"
"returnCode":"Account added successfully"
}
Which of the following are security weaknesses in this example? (Select TWO).

• A.Missing input validation on some fields
• B.Vulnerable to SQL injection
• C.Sensitive details communicated in clear-text
• D.Vulnerable to XSS
• E.Vulnerable to malware file uploads
• F.JSON/REST is not as secure as XML

Comment: *

Name: *

Email: *

Verification: *

An organization based in the United States is planning to expand its operations into the European market later in the year Legal counsel is exploring the additional requirements that must be established as a result of the expansion. The BEST course of action would be to

• A.revise the employee provisioning and deprovisioning procedures
• B.complete a quantitative risk assessment
• C.complete a security questionnaire focused on data privacy.
• D.draft a memorandum of understanding

Comment: *

Name: *

Email: *

Verification: *

A newly hired security analyst has joined an established SOC team. Not long after going through corporate
orientation, a new attack method on web-based applications was publicly revealed. The security analyst
immediately brings this new information to the team lead, but the team lead is not concerned about it.
Which of the following is the MOST likely reason for the team lead's position?

• A.Web-based applications are on isolated network segments.
• B.The organization has accepted the risks associated with web-based threats.
• C.The attack type does not meet the organization's threat model.
• D.Corporate policy states that NIPS signatures must be updated every hour.

Comment: *

Name: *

Email: *

Verification: *

A firewall specialist has been newly assigned to participate in red team exercises and needs to ensure the skills represent real-world threats. Which of the following would be the BEST choice to help the new team member learn bleeding-edge techniques?

• A.Research methods while using Tor.
• B.Attend web-based training.
• C.Attend hacking conventions.
• D.Interview current red team members.

Comment: *

Name: *

Email: *

Verification: *

CORRECT TEXT
Company A has noticed abnormal behavior targeting their SQL server on the network from a rogue IP address. The company uses the following internal IP address ranges:
192.10.1.0/24 for the corporate site and 192.10.2.0/24 for the remote site. The Telco router interface uses the 192.10.5.0/30 IP range.
Instructions: Click on the simulation button to refer to the Network Diagram for Company A.
Click on Router 1, Router 2, and the Firewall to evaluate and configure each device.
Task 1: Display and examine the logs and status of Router 1, Router 2, and Firewall interfaces.
Task 2: Reconfigure the appropriate devices to prevent the attacks from continuing to target the SQL server and other servers on the corporate network.

Correct Answer:

Check the solution below.
Explanation:
Check the answer below

Screen Shot 2015-04-09 at 10
We have traffic coming from two rogue IP addresses: 192.10.3.204 and 192.10.3.254 (both in the 192.10.30.0/24 subnet) going to IPs in the corporate site subnet (192.10.1.0/24) and the remote site subnet (192.10.2.0/24). We need to Deny (block) this traffic at the firewall by ticking the following two checkboxes:

Comment: *

Name: *

Email: *

Verification: *