- (Topic 4)
A network security administrator is worried about potential man-in-the-middle attacks when users access a corporate web site from their workstations. Which of the following is the best remediation against this type of attack?
Correct Answer:C
- (Topic 5)
Which set of access control solutions implements two-factor authentication?
Correct Answer:A
- (Topic 4)
Which of the following programs is usually targeted at Microsoft Office products?
Correct Answer:C
- (Topic 4)
While testing the company's web applications, a tester attempts to insert the following test script into the search area on the company's web sitE.
[removed]alert(" Testing Testing Testing ")[removed]
Afterwards, when the tester presses the search button, a pop-up box appears on the screen with the text: "Testing Testing Testing". Which vulnerability has been detected in the web application?
Correct Answer:D
- (Topic 8)
John is using tokens for the purpose of strong authentication. He is not confident that his security is considerably strong.
In the context of Session hijacking why would you consider this as a false sense of security?
Correct Answer:B
A token will give you a more secure authentication, but the tokens will not help against attacks that are directed against you after you have been authenticated.