Security+ Midterm and Final
Sigma solutions use hash algorithms in the communications between departments while transferring confidential files. A human resource employee informed you that one of the employees' salary statements sent from her end looks tampered with and requested your help. Which of the following tasks would enable you to identify whether the file is tampered with or not, and how will you make the determination?
Check the digest of the file with the original digest. If the values are different, it can be confirmed that the file has been tampered with.
Sansa is a network security administrator at an enterprise. She is asked to take appropriate steps to defend against a MAC address spoofing attack in the enterprise network. Which of the following methods should Sansa apply?
Configure the switch so that only one port can be assigned per MAC address
Which of the following is NOT a part of business continuity planning?
Contingency actions
Which of the following is considered an industry-specific cybersecurity regulation?
Health Insurance Portability and Accountability Act of 1996 (HIPAA)
There is often confusion between vulnerability scanning and penetration testing. What is the best explanation of the difference between vulnerability scanning and penetration testing?
Vulnerability scanning is performed using an automated tool to scan a network for known vulnerability signatures. Penetration testing involves attempting to manually uncover deep vulnerabilities just as a threat actor would, and then exploiting them.
Which security protocol encrypts transmissions by using a shared secret key combined with an initialization vector (IV) that changes each time a packet is encrypted?
WEP
In a security review meeting, you proposed a demilitarized zone for one of your company's data centers. You were then asked to explain the objective of having a DMZ in the data centers. Which of the following should be your answer?
a. A DMZ will separate the secure facilities from unknown and potentially hostile outsiders.
What are the primary features of a security information event management (SIEM) tool?
a. Aggregation, correlation, event deduplication, time synchronization, and alerting
John needs to add an algorithm for his company communication process, in which encryption uses two keys. One is the public key, and the other one is a private key. Which algorithm will be suitable to achieve this?
a. Asymmetric cryptographic
You are a senior security admin in your enterprise. You have been asked to perform an incident response exercise so that you and your colleagues can analyze every possible scenario in case of an attack in the most realistic manner. Which of the following actions should you take?
You should run a plausible simulated attack on the network.
Which of the following best describes bash?
a. Bash is a command language interpreter.
Jane, an IT security expert whose services are sought by XYZ Company, has recommended implementing CTR mode in the network. What is one requirement that needs to be fulfilled for computers to communicate when the CTR mode is implemented?
a. Both sender and receiver should have access to a counter.
In an interview, you are given the following scenario:David sent a message to Tina saying, "There is no school today!" For some reason, the message showed up on Tina's device as, "Come to the school ASAP!" You (the candidate) are asked to name the type of attack that would cause this situation.Which of the following should you identify?
b. MITM
Which of the following access control schemes is most secure?
b. Mandatory access control
Which of the following offensive tools can be used by penetration testers post-exploitation or successful compromise of a user account in a network that dumps passwords from memory and hashes, PINs, and Kerberos tickets, and thus are used for privilege escalation attacks?
b. Mimikatz and hashcat
Which risk remains after additional controls are applied?
b. Residual risk
John and Sarah are working for Star Alliance. John had to send certain confidential data and messages to Sarah online. The use of which of the following will ensure that the message's sender is, in fact, John?
d. Digital certificate
Which of the following is part of the OS security configuration?
d. Disabling default passwords and unnecessary ports
Which of the following is the most secure encryption solution to adopt for a Google Android mobile device? a. Full disk encryption b. Asymmetric key encryption c. Symmetric key encryption d. File-based encryption
d. File-based encryption
Kile is assigned a role as a grey box penetration tester in the financial sector. He has to conduct a pen testing attack on all the application servers in the network. Which of the following tasks should he perform first while conducting a penetration testing attack on a network?
d. Footprinting
Kia recently noticed that when she browses her favorite online shopping site, she is immediately redirected to a competitor's site. What is happening here, and what is the best option for Kia to fix this situation?
d. Kia must uninstall the toolbar software and the accompanying components she has recent installed on her browser.
While preparing a continuity plan, you were asked to choose a technique by which the backup data stored on the cloud can be accessed from any location. Which of the following techniques should you choose? a. Restore the data to a cold site b. Restore the data to a hot site c. Restore the data to a warm site d. Restore the data to virtual machines
d. Restore the data to virtual machines
Which of the following techniques is a method of passive reconnaissance?
Open Source Intelligence (OSINT)
What is the inbuild application available to prevent threat actors from modifying the registry in a Windows 10 operating system?
c. Windows 10 tamper protection
Which of the following correctly differentiates between a man-in-the-middle (MITM) attack and a man-in-the-browser (MITB)?
A MITM attack occurs between two endpoints, whereas a MITB attack occurs between a browser and underlying computer.
Which penetration testing consultants are not given any knowledge of the network nor any elevated privileges?
Black box
Japan's cybercrime control center noticed that around 200,000 Tokyo computers are infected by bots, and all these bots are remotely controlled by a single attacker. What is this attacker referred to as?
Bot herder
Which of the following compliance standards was introduced to provide a minimum degree of security to organizations who handle customer information such as debit card and credit card details daily?
PCIDSS
Marcus is an information security architect at a product-based IT firm. He is responsible for developing policies for the most-secure mobile device enterprise-deploying model. The company will decide the level of choice and freedom for employees. Employees are supplied company-chosen and paid-for devices that they can use for both professional and personal activities. This action is performed under which enterprise deployment model?
Corporate-owned, personally enabled (COPE)
Blockchain relies on which cryptographic algorithm to make it computationally infeasible to try to replace a block or insert a new block of information without the approval of all entities involved?
Cryptographic hash algorithms
You are the security manager of an ISP, and you are asked to protect the name server from being hijacked. Which of the following protocols should you use?
DNSSEC
Under which vulnerability can an attacker steal information from a user's phone using a device to connect to the phone without physically touching it?
Data theft
Sean is an information security architect at a financial firm. As his first project, he must design and build an efficient, sure-shot, yet cost-effective solution to detect and prevent bank credit card fraud. How should Sean proceed?
Design a solution that keeps track of dates, times, locations of transactions, and geolocation of the authorized cell phone. When a user makes a purchase at a store, the bank can immediately check that the cell phone and the bank card are in the same place. If they are, the purchase is considered legitimate. But if they are not, then the payment is rejected.
Which of the following is a physical social engineering technique?
Dumpster diving
Under which of the following modes does the ciphertext depend only on the plaintext and the key, independent of the previous ciphertext blocks?
ECB
Kane was transferring files from a file transfer protocol (FTP) server to his local machine simultaneously. He sniffed the traffic to find that only the control port commands are encrypted, and the data port is not encrypted. What protocol did Kane use to transfer the files?
FTPS
Threat actors focused on financial gain often attack which of the following main target categories?
Individual users
Which type of intrusion detection system can also block attacks?
Inline
How can a configuration review reduce the impact of a vulnerability scan on the network's overall performance?
It ensures the scan is designed to meet its intended goals by defining scope and sensitivity levels.
Zara has been instructed to organize an event where top companies will come and give a webinar. Since the event is large and the number of people attending is substantial, Zara needs to ensure that there are no disturbances. She thinks preventing devices from communicating and calls from being made or received is the easiest solution. Which factor should Zara use to achieve this?
Jamming
Kia recently noticed that when she browses her favorite online shopping site, she is immediately redirected to a competitor's site. What is happening here, and what is the best option for Kia to fix this situation?
Kia must uninstall the toolbar software and the accompanying components she has recent installed on her browser.
A company has approached you for their product testing, and you agree to do it. First, you have to install the necessary plugins for the software through the browser, install the software, and run the software again.
Making sure that the OS's security options are deployed, run the antivirus/antispyware on the files downloaded, run the software on HSTS/HTTPS mode, and then send a secure cookie to the server.
Dan uses his personal laptop for writing the script for an upcoming high-budget, highly anticipated movie. To keep the script private, he decided not to connect his laptop to any network and updated his system with the latest virus definitions and security patches. Which of the following is Dan's laptop still vulnerable to?
Malicious USB
A manager working in ABC Consulting shared a list of employees from his team who were eligible for an extra week off. Later, he claimed that he has never shared this list. Which principle or functionality of a secured communication can be used to substantiate or verify the manager's claim?
Nonrepudiation
Which of the following RAID configurations have no fault tolerance?
RAID level 0
What does ransomware do to an endpoint device?
Ransomware attacks the endpoint device holding it hostage by preventing it from functioning unless the user fulfills the ransom payment demanded.
Fatima is responsible for conducting business transactions for XYZ Company, and she only had the stored private key. She is on leave and currently unavailable, and the organization needs to complete an urgent business transaction. Which of the following methods should enable the organization to access Fatima's private key and digital certificate?
Recovery
Sherlin is the owner of a cosmetics store. She wanted to introduce a wireless network in the store, but her employees were against it. Sherlin ended up purchasing an inexpensive wireless router and secretly connected it to the wired network. Unfortunately, this unknowingly provided open access to the wireless signal. What type of attack has Sherlin made her store's network vulnerable to?
Rogue access point
Smitha, an employee working in the accounts department, reported to the information security officer that she could not access her computer. James, the security officer, noticed the following on Smitha's system: On booting the computer, the following message was flashing on the computer screen with the IRS logo:"This computer is locked by the Internal Revenue Service. It has come to our attention that you are transferring funds to other agencies using this computer without compliance with the local income tax laws. As per section 22 of the U.S. Income Tax Act, the transmission of funds without applicable taxes is prohibited. Your IP address is identified in this fraudulent transaction and is locked to prevent further unlawful activities. This offense attracts a penalty of $400.00 for the first offense. You are hereby given 16 hours to resolve this issue, failing which you shall be prosecuted to the full extent of the law. You may make a secure payment by clicking on the following link. If you face any issues, you may reach out to us at [email protected]."The message will not close, nor is there access to applications or files on the computer; however, James can open shared files and folders on Smitha's computer through the network. What is your inference about the problem faced by Smitha on her computer?
Smitha's computer is compromised by ransomware.
What is a variation of a common social engineering attack targeting a specific user?
Spear phishing
In an interview, you were asked to explain the steps involved in a successful authentication by a RADIUS server. How should you answer?
The supplicant sends a request to the access point (AP). The AP prompts the user for credentials. Once credentials are entered, the AP sends an authentication request to the RADIUS server. If verified, the server sends the authentication acknowledgment to the AP. The user is then authorized to join the network.
Which of the following vulnerabilities involves connecting a flash drive infected with malware to a mobile device? a. Malicious USB cable b. Tethering c. USB-on-the-go (OTG) d. Hotspots
c. USB-on-the-go (OTG)
William downloaded some free software to help him with photo editing. A few days later, William noticed several personal photographs were modified and posted to various social media pages with obscene comments. He also noticed that there were videos of him that were morphed and circulated on adult websites. The videos were obviously taken using his webcam. What should William do to fix his problem and prevent it from happening again in the future?
William should run an antimalware program and scan for all known RATs, then quarantine and remove the infected file(s). To prevent this in the future, he should only download software from trusted websites.
Which HTTP response header should be used to prevent attackers from displaying their content on a website?
X-Frame-Option
Which of the following can be done to obfuscate sensitive data?
c. Masking
Which of the following protocols can be used for secure video and voice calling?
d. SRTP
A source computer's ability to reach a specified destination computer can be tested using which of the following?
ping
Amaya is looking for a hardware chip or integrated circuit (IC) that can be programmed by the user to carry out one or more logical operations, can be reprogrammed when needed, and can be configured by either the user or designer. Which option should Amaya select?
Field-programmable gate array (FPGA)
Which of the following uses hardware encryption technology to secure stored data and ensures the inseparability of SEDs among vendors?
Opal
Which of the following is defined as a structure for governing all the elements involved in digital certificate management?
PKI
Alpha Tech started a charitable competition in which every team is asked to submit a proposal for a public health contract asking for a new viral transmission mitigation app.
Team B has selected BAN.
A vulnerability assessment engineer performed vulnerability scanning on active directory servers and discovered that the active directory server is using a lower version of Kerberos. To alert management to the risk behind using a lower version of Kerberos, he needs to explain what an attacker can do to leverage the vulnerabilities in it. Which of the following actions can the attacker perform after exploiting vulnerabilities in Kerberos?
Use privilege escalation
Your company is considering updating several electronic devices used in the enterprise network. The third-party service provider that your company approached says that they require access to the enterprise network in order to implement the updates. As the chief information security officer, you are asked to analyze the requirement and submit a report on potential vulnerabilities when giving a third-party access to the network. Which of the following vulnerabilities should you list as the most likely to affect the enterprise network?
Weakest link
Which threat actors sell their knowledge to other attackers or governments?
a. Brokers
While Andel is logging into his email through a browser, the login window disappears. Andel attempts to log in again and is successful. Days later, he goes to log into his email, and his attempt fails. He receives a message indicating that his username and/or password are invalid.What is Andel likely a victim of?
a. CSRF
Wireless data networks are particularly susceptible to which type of attack?
a. Ciphertext attack
John has been appointed as a product manager at a large mobile device manufacturing company. He is designing the core features included in their flagship mobile device that will be launched during the holiday shopping season. Which of the following features should he primarily include?
a. Data synchronization with a remote server or separate device
Which control discourages security violations before their occurrence?
a. Deterrent control
Which of the following is NOT an automated vulnerability scanning tool?
a. ELK Stack
A security breach recently occurred in your enterprise. During the incident investigation, you are asked to examine network-based device logs. Which of the following network devices should you examine first?
a. Firewall
Which cookie is created by the website a user is currently browsing to store the customer's browsing preference information? a. First-party cookie b. Secure cookie c. Session cookie d. Third-party cookie
a. First-party cookie
Your enterprise has played fast and loose with customer information for years. While there has been no significant breach of information that could damage the organization and/or their customers, many in the enterprise feel it is only a matter of time before a major leak occurs. Which type of threat actor is an employee who wishes to personally ensure that the enterprise is exposed and blocked from accessing their customers' information until they ensure more secure protocols?
a. Hacktivist
Which of the following tools allow a mobile device to be managed remotely by an organization and typically involve a server sending out management commands to mobile devices?
a. MDM
Which of the following is an agreement that ensures an employee does not misuse enterprise data?
a. Nondisclosure agreement
You work for an enterprise that provides various cybersecurity services. You are assigned to examine an enterprise's network and suggest security measures modifications, if necessary. On examining the network, you find that the enterprise hosts most of its computing resources on a cloud platform and few resources on-premises, and both seem to have secure settings implemented. You also find that the enterprise computers use the Windows XP operating system. Which of the following vulnerabilities should you insist on fixing first?
a. Platform vulnerability
The following data is being used for a password attack: "?u ?l ?l ?l ?l ?d ?d ?d ?d." Which of the following types of attack is this?
a. Rule attack
Which algorithm encrypts and decrypts data using the same key?
a. Symmetric cryptographic algorithm
Which of the following protocols are used to secure HTTP?
a. TLS and SSL
Mike, an employee at your company, approached you seeking help with his virtual machine. He wants to save the current state of the machine to roll back to the saved state in case of a malfunction. Which of the following techniques can help Mike?
a. Take snapshots to save the virtual machine state
Robert has two cryptographic keys, and he needs to determine which of them is less prone to being attacked. The cryptoperiod is limited and equal for both the keys. The first key has a length of 2 and uses 16 characters, while the other key has a length of 3 and uses 15 characters. Which of the following is the best conclusion for Robert to come to?
a. The second key is more secure than the first key.
Which of the following vulnerabilities involves connecting a flash drive infected with malware to a mobile device?
a. USB-on-the-go (OTG)
Juan, a cybersecurity expert, has been hired by an organization whose networks have been compromised by a malware attack. After analyzing the network systems, Juan submits a report to the company mentioning that the devices are infected with malware that uses a split infection technique on files. Which malware attack is Juan reporting?
a. Virus
A cybercriminal attempts to trick a computer's user into sharing their personal information by implementing content to discreetly capture user information over the actual webpage. What should the user implement to avoid this situation?
a. X-Frame
A cybercriminal attempts to trick a computer's user into sharing their personal information by implementing content to discreetly capture user information over the actual webpage.What should the user implement to avoid this situation?
a. X-Frame
In an interview, you were asked to crack a password and told that the password is a commonly used word. Which of the following methods should you apply?
a. You should perform a dictionary attack.
A machine where the operating system runs an application on top of an operating system is called _______.
a. a virtual machine
What is a Type I hypervisor?
b. A hypervisor that runs directly on computer hardware
You are asked to configure your firewall in such a way that the traffic from source address range 117.112.10.25 through 117.112.15.100 is allowed, while traffic from 117.112.12.25 through 117.112.13.25 is denied, and traffic from 117.112.12.200 through 117.112.13.10 is allowed. How should you configure the firewall?
b. Allow 117.112.10.25 through 117.112.15.100; deny 117.112.12.25 through 117.112.13.25; force-allow 117.112.12.200 through 117.112.13.10
Which of the following best describes DLP?
b. DLP is used to prevent leakage of confidential data.
Which specific type of attack occurs when a threat actor redirects network traffic by modifying the local host file to send legitimate traffic anywhere they choose?
b. DNS poisoning
Who implements access control based on the security level determined by the data owner?
b. Data custodian
Alex needs to find a method that can change a single character of plaintext into multiple characters of ciphertext. Which method should Alex use?
b. Diffusion
Which encryption method in BitLocker prevents attackers from accessing data by booting from another OS or placing the hard drive in another computer?
b. Full disk encryption
Which of the following sets only lists additional features of a mobile device or a computing device?
b. Global positioning system (GPS), microphone and/or digital camera, wireless cellular connection for voice communications, wireless personal area network interfaces such as Bluetooth or near-field-communications (NFC), removable storage media
XYZ University wants to set up a VPN network to connect to the internet and ensure that all their data is safe. They have asked you to recommend the correct communication protocol to use. Which of the following protocols should you recommend and why?
b. IPsec, because it authenticates that the packets received were sent from the source and ensures that no other party can view the contents. It manages the keys to ensure that they are not intercepted or used by unauthorized parties.
A company monitors the network activity of the organization and stores the logs in a database. You have been asked to identify whether there are any malicious activities in the network. Which of the following can denote the upper and lower bounds of their various network activities?
b. KRI
Kainat is asked to suggest a cipher in which the entire alphabet is rotated (as in, A=N, B=O), making it difficult to identify. Which cipher should she suggest?
b. ROT13
What type of attack occurs when the threat actor snoops and intercepts the digital data transmitted by the computer and resends that data, impersonating the user?
b. Replay
You are the chief security administrator in your enterprise. You are asked to train every employee, from top-level officers to front gate security officers, to make them aware of various security risks. Which of the following training techniques should you use? a. Computer-based training b. Role-based awareness training c. Gamification d. Capture the flag
b. Role-based awareness training
Which of the following authentication methods belongs in the "something you have" category?
b. Security key
ABC Technologies had its computer network compromised through a cybersecurity breach. A cybersecurity expert was employed to analyze and identify what caused the attack and the damage caused by the attack. He checked an available database for this purpose and found the threat actor behind the attack. He also found out the cybercriminal has been attempting to sell the company's valuable data on the internet. Which are the most probable methods used by the cybersecurity expert to get to this stage of the investigation?
b. The cybersecurity expert checked with CISCP and also investigated the dark web.
Which encryption is a chip on the motherboard of a computer that provides cryptographic services?
b. Trusted platform module
In a security review meeting, you are asked to calculate the single loss expectancy (SLE) of an enterprise building worth $100,000,000, 75% of which is likely to be destroyed by a flood. Flood insurance data suggest that a severe flood is likely to occur once every 100 years. Which formula should you use to calculate the SLE?
c. 100,000,000 * 0.75
John needs to add an algorithm for his company communication process, in which encryption uses two keys. One is the public key, and the other one is a private key. Which algorithm will be suitable to achieve this?
c. Asymmetric cryptographic
In a security meeting, you are asked to suggest access control schemes in which you have high flexibility when configuring access to the enterprise resources.Which of the following should you suggest?
c. Attribute-based access control
While Andel is logging into his email through a browser, the login window disappears. Andel attempts to log in again and is successful. Days later, he goes to log into his email, and his attempt fails. He receives a message indicating that his username and/or password are invalid. What is Andel likely a victim of?
c. CSRF
In which of the following mobile device connectivity methods are transmitters connected through a mobile telecommunication switching office (MTSO) that controls all of the transmitters in the cellular network and serves as the link between the cellular network and the wired telephone world?
c. Cellular
Alex needs to find a method that can change a single character of plaintext into multiple characters of ciphertext.Which method should Alex use?
c. Diffusion
Malik and Chris are shopping for shoes on an e-commerce website and need to enter their credit card details. Which of the following can assure them that they are using the retailer's authentic website and not an imposter's look-alike site that will steal their credit card details?
c. Digital certificate
A company has multiple CAs and intermediate CAs issuing digital certificates in different departments, with no one cross-checking their work. Which PKI trust model should the company use?
c. Distributed trust model
What additional measure should be enacted to increase the security on a computer network after secure boot, protective measures from attacks like antimalware, and intrusion detection systems are implemented in all the computers on the network?
c. Implement hardening at endpoints with patch management and operating system safeguards
Terrence, an executive VP of IT at Sigma Bank, noticed that yesterday, there was a major attack on several thousands of bank employees' computers located at geographically different locations where files and data from the computers got deleted. It was also noticed that several confidential files containing customer data were deleted from the bank's server in multiple locations, and the CEO's emails were deleted from the mail server. Since the bank was compliant with cybersecurity measures, Terrence suspects an internal hand in this activity. While going through the records of all employees working in the IT security of the bank, both past and present, he notices that there is an employee, Chris, who has enough experience to launch this attack, was unhappy with his annual review last year, and had left the bank three months ago. If Terrence were able to single Chris out as the one responsible for the attack, what kind of an attack would this be? a. Spyware b. Backdoor c. Logic-bomb d. Keylogger
c. Logic-bomb
You work for an enterprise that provides various cybersecurity services. You are assigned to examine an enterprise's network and suggest security measures modifications, if necessary. On examining the network, you find that the enterprise hosts most of its computing resources on a cloud platform and few resources on-premises, and both seem to have secure settings implemented. You also find that the enterprise computers use the Windows XP operating system. Which of the following vulnerabilities should you insist on fixing first?
c. Platform vulnerability
You are a security administrator for an enterprise. You were asked to implement a cloud app security function in your enterprise network so that login attempts from identified threat actors can be restricted. Which of the following cloud app security function should you use?
c. Risky IP address
In an interview, Max was asked to tell one difference between a software firewall and a virtual firewall. How should Max answer?
c. Software firewalls are locally installed on a device, whereas virtual firewalls run in the cloud.
Which of the following uses vulnerable applications to modify Microsoft registry keys?
c. System tampering
Which of the following protocols are used to secure HTTP?
c. TLS and SSL
Samira is developing a virtual private chat application for ABC Consulting. The following are requirements provided by the organization while making the application:
c. Tunnel mode
Sam is asked to help his company design a wireless network for their new location.Which of the following protocols has the strongest wireless security, supports a longer bit of encryption, and improved interaction capabilities with the internet of things (IoT) devices?
c. WPA3
What is another term commonly used to define cross-site request forgery (CSRF): a. Client-server request forgery b. Server-side request forgery c. Cross-server request forgery d. Client-side request forgery
d. Client-side request forgery
XYZ University wants to set up a VPN network to connect to the internet and ensure that all their data is safe. They have asked you to recommend the correct communication protocol to use. Which of the following protocols should you recommend and why?
d. IPsec, because it authenticates that the packets received were sent from the source and ensures that no other party can view the contents. It manages the keys to ensure that they are not intercepted or used by unauthorized parties.
Robert is a black box penetration tester who conducted pen testing attacks on all of the network's application servers. He was able to exploit a vulnerability and gain access to the system using a mimikatz tool. Which of the following activities did he perform using mimikatz, and which task should he perform next?
d. Robert used mimikatz for credential harvesting, and should perform privilege escalation using a high-privileged account next.
Ronald is a software architect at MindSpace Software. He has been approached to develop a critical application for a finance company. The company has asked him to ensure that the employed coding process is secure. They have also requested that the project be completed in a few months, with a minimum version of the identified functionalities provided. The other functionalities can be developed later and added to the software while the application is live. Which development process would be ideal for Ronald to employ to achieve this objective?
d. Ronald can employ the SecDevOps model to meet the requirements of the client.
Sarah needs to send an email with important documents to her client. Which of the following protocols ensures that the email is secure?
d. S/MIME
Amtel University decides to keep a record of their student data in a backup server. The administrator contacts you to identify the right command interface protocol to be used in this. Which command interface protocol should you advise?
d. SSH
Which of the following is the earliest and most general cryptographic protocol?
d. SSL
Your enterprise experienced several technical issues over the last few days. There were multiple instances of passwords needing to be changed and other issues causing downtime. Management has started receiving voicemails regarding fraudulent activities on their accounts. While the voicemails sound authentic, the help desk concludes that they are fake. What type of malicious activity will this be considered?
d. Vishing
In an application development model, which of the following uses a sequential development process?
d. Waterfall development
In an interview, you were asked to choose the least vulnerable password from the following list. Which of the following should you choose?
d. earthwaterforesttreemanworldkid