A company's security policy states that all Web browsers must automatically delete their HTTP browser cookies upon terminating. What sort of security breach is this policy attempting to mitigate?

• A.Attempts by attackers to access Web sites that trust the Web browser user by stealing the user's authentication credentials.
• B.Attempts by attackers to access the user and password information stored in the company's SQL database.
• C.Attempts by attackers to access passwords stored on the user's computer without the user's knowledge.
• D.Attempts by attackers to determine the user's Web browser usage patterns, including when sites were visited and for how long.

Comment: *

Name: *

Email: *

Verification: *

Fingerprinting an Operating System helps a cracker because:

• A.It opens a security-delayed window based on the port being scanned
• B.It informs the cracker of which vulnerabilities he may be able to exploit on your system
• C.It doesn't depend on the patches that have been applied to fix existing security holes
• D.It defines exactly what software you have installed

Comment: *

Name: *

Email: *

Verification: *

Which of the following is NOT an ideal choice for biometric controls?

• A.Voice
• B.Height and weight
• C.Iris patterns
• D.Fingerprints

Comment: *

Name: *

Email: *

Verification: *

Which of the following is designed to verify and authenticate individuals taking part in a data exchange within an enterprise?

• A.PKI
• B.Biometrics
• C.Single-Sign On
• D.SOA

Comment: *

Name: *

Email: *

Verification: *

In both pharming and phishing attacks an attacker can create websites that look similar to legitimate sites with the intent of collecting personal identifiable information from its victims. What is the difference between pharming and phishing attacks?

• A.Both pharming and phishing attacks are identical.
• B.In a pharming attack a victim is redirected to a fake website by modifying their host configuration file or by exploiting vulnerabilities in DNS. In a phishing attack an attacker provides the victim with a URL that is either misspelled or looks similar to the actual websites domain name.
• C.In a phishing attack a victim is redirected to a fake website by modifying their host configuration file or by exploiting vulnerabilities in DNS. In a phishing attack an attacker provides the victim with a URL that is either misspelled or looks similar to the actual websites domain name.
• D.Both pharming and phishing attacks are purely technical and are not considered forms of social engineering

Comment: *

Name: *

Email: *

Verification: *