156.
__________ can be used to identify a web server.
- A. Session hijacking
- B. Banner grab
- C. Traversal
- D. Header analysis
Answer : [B]
Explanation :
A banner grab can be used to connect to a service and extract information about it.
157.
In the field of IT security, the concept of defense in depth is layering more than one control on another. Why would this be helpful in defending a system against session hijacking?
- A. To provide better protection
- B. To build dependency among layers
- C. To increase logging ability
- D. To satisfy auditors
Answer : [A]
Explanation :
Defense in depth provides much better protection than a single layer. It also provides a means of slowing down and frustrating an attacker.
158.
Which of the following is used to set permissions on content in a website?
- A. HIDS
- B. ACE
- C. ACL
- D. ALS
Answer : [C]
Explanation :
Access control lists (ACLs) are used to set permissions on web content and prevent or control certain levels of interaction by users.
159.
What could be used to monitor application errors and violations on a web server or application?
- A. HIDS
- B. HIPS
- C. NIDS
- D. Logs
Answer : [D]
Explanation :
Logs can be used to monitor activity on a system, including web applications or web servers.
160.
Which of the following is an attribute used to secure a cookie?
- A. Encrypt
- B. Secure
- C. HttpOnly
- D. Domain
Answer : [B, C, D]
Explanation :
Each of these flags can be used to provide security for a cookie, which wouldn’t otherwise be provided.