Lesson 11 Application Security Capabilities

Apply encryption to NFC data to prevent eavesdropping and on-path attacks.

A cybersecurity analyst is implementing security measures for Near Field Communication (NFC) usage in the organization's mobile devices. Which technique should the analyst consider applying to mitigate potential risks associated with NFC technology? A.Enable NFC chip reading for all devices to enhance connectivity options. B.Use NFC for direct payment transactions without the need for mobile wallet apps. C.Apply encryption to NFC data to prevent eavesdropping and on-path attacks. D.Increase the NFC signal range to improve communication.

HTTPS

A defense contractor has tasked its local network administrator with securing communications between the organization's web server and clients to protect sensitive user information. Which protocol should the network administrator choose to achieve this security objective? A.HTTP B.Telnet C.HTTPS D.SSH

C & D

A large finance company's software developers are working on a new web application for their customers. The team has concerns about potential security vulnerabilities. Which security techniques should they consider implementing to enhance the security of their application from web-based attack techniques? (Select the two best options.) A.Static code analysis B.Code signing C.Input validation D.Secure cookies

Stealing information from someone else's phone by using an exploit in Bluetooth

A large hospital uses Bluetooth technology for short-range personal area networking. The organization has a security concern with bluesnarfing. What is the attacker doing to the organization? A.Stealing information from someone else's phone by using an exploit in Bluetooth B.Sending unsolicited text messages or vCards to a discoverable device C.Launching highly effective attacks using a peripheral device with malicious firmware D.Compromising any active and unpatched system, regardless of whether discovery is enabled

Data loss protection

A large hospital uses email for communication. However, to ensure security, they want to ensure that sensitive information is not transmitted out. What security function would accomplish this need? A.Simple Network Management Protocol B.File Transfer Protocol C.Secure File Transfer Protocol D.Data loss protection

Applying context-aware authentication to restrict resource access based on user location

A large multinational company wants to enhance the security of its computing resources. It considers applying common security techniques to protect sensitive data and prevent unauthorized access. Which security technique would be MOST suitable for securing computing resources? A.GPS tagging to add geographical identification metadata to a company's sensitive files B.Add geofencing to create a virtual boundary around the company's office premises C.Indoor Positioning System to determine the physical position of employees' devices D.Applying context-aware authentication to restrict resource access based on user location

SFTP

A university's IT team must securely transfer large files containing sensitive financial data between two offices in different cities. Which protocol would be the MOST suitable and secure option for this file transfer? A.HTTP B.FTP C.SMTP D.SFTP

Simple Authentication and Security Layer

An educational institution's systems administrator is responsible for securing the LDAP directory service for the organization's computing resources. Which authentication method should the systems administrator implement to ensure secure access while minimizing opening extra ports on the firewall? A.It requires no authentication method B.Simple Bind authentication method C.Simple Authentication and Security Layer D.Lightweight Directory Access Protocol Secure

Utilize SNMP v3 with a strong user base authentication and encryption for secure monitoring.

The IT administrator at a global banking organization is responsible for implementing Simple Network Management Protocol (SNMP) security measures in the organization's network infrastructure. Which of the following actions should the administrator take to ensure the secure use of SNMP? A.Leave the SNMP community name blank or use default names to prevent unauthorized access. B.Use SNMP v1 or v2 since SNMP v3 is more complex and difficult to configure. C.Set up SNMP agents to send community names in plaintext for ease of communication. D.Utilize SNMP v3 with a strong user base authentication and encryption for secure monitoring.

Use LDAP Secure on port 636 for secure user credential exchange

The IT administrator for a large university uses a Lightweight Directory Access Protocol (LDAP) directory service to manage user access to various computing resources. To ensure the directory's security, which of the following measures should the administrator implement? A.Allow anonymous access to the directory for easy user onboarding B.Use the basic LDAP protocol without any additional security mechanisms C.Use Simple Bind with plaintext of distinguished name and password D.Use LDAP Secure on port 636 for secure user credential exchange

A & C

The IT administrator of a global banking organization is responsible for configuring email services. The administrator must ensure secure communication between servers and servers, as well as servers and clients. Which of the following statements about securing email protocols is true? (Select the two best options.) A.Simple Mail Transfer Protocol Secure (SMTPS) is the most widely implemented and robust method for securing SMTP communications. B.Port 465 is the recommended port for secure message submission over implicit transport layer security using STARTTLS command. C.Post Office Protocol 3S (POP3S) operates over transmission control protocol port 995 by default for secured mailbox access. D.Internet Message Access Protocol Secure allows multiple clients to connect to the same mailbox on port 143 simultaneously.

Transport Layer Security (TLS) 1.3 prevents downgrade attacks, reducing handshake messages.

Which of the following statements about applying common security techniques to computing resources is correct? A.Secure Sockets Layer (SSL) primarily secures File Transfer Protocol (FTP) communications. B.Hypertext Transfer Protocol Secure (HTTPS) operates over port 80 by default. C.Transport Layer Security (TLS) 1.3 prevents downgrade attacks, reducing handshake messages. D.TLS 1.3 cipher suites include Rivest, Shamir, and Adelman for bulk encryption.