Chapter 3 and 4 security
Which of the following is NOT a means by which a bot communicates with a C&C device?
What term refers to changing the design of existing code?
Refactoring
Which of the following is FALSE about a quarantine process?
It holds a suspicious application until the user gives approval.
An IOC occurs when what metric exceeds its normal bounds?
KRI
Josh is researching the different types of attacks that can be generated through a botnet. Which of the following would NOT be something distributed by a botnet?
LOLBins
What are the two concerns about using public information sharing centers?
Privacy and speed
Which stage conducts a test that will verify the code functions as intended?
Staging stage
Which privacy protection uses four colors to indicate the expected sharing limitations that are to be applied by recipients of the information?
TLP
What race condition can result in a NULL pointer/object dereference?
Time of check/time of use race condition
Which of these is a list of preapproved applications?
Whitelist
Which of the following attacks is based on a website accepting user input without sanitizing it?
XSS
what word is the currently accepted term to refer to network connected devices
endpoint
which of the following is NOT a characteristic of malware
has no diffusion
