Question 11
Which two mechanisms are used to control phishing attacks? (Choose two.)
A. Enable browser alerts for fraudulent websites.
B. Define security group memberships.
C. Revoke expired CRL of the websites.
D. Use antispyware software.
E. Implement email filtering techniques.
Question 12
Which attack is commonly associated with C and C++ programming languages?
A. cross-site scripting
B. water holing
C. DDoS
D. buffer overflow
Question 13
Which two prevention techniques are used to mitigate SQL injection attacks? (Choose two.)
A. Check integer, float, or Boolean string parameters to ensure accurate values.
B. Use prepared statements and parameterized queries.
C. Secure the connection between the web and the app tier.
D. Write SQL code instead of using object-relational mapping libraries.
E. Block SQL code execution in the web application database login.
Question 14
Which two kinds of attacks are prevented by multifactor authentication? (Choose two.)
A. phishing Most Voted
B. brute force Most Voted
C. man-in-the-middle
D. DDOS
E. tear drop
Question 15
What are two rootkit types? (Choose two.)
A. registry
B. buffer mode
C. user mode
D. bootloader
E. virtual
Question 16
How is DNS tunneling used to exfiltrate data out of a corporate network?
A. It leverages the DNS server by permitting recursive lookups to spread the attack to other DNS servers
B. It encodes the payload with random characters that are broken into short strings and the DNS server rebuilds the exfiltrated data Most Voted
C. It redirects DNS requests to a malicious server used to steal user credentials, which allows further damage and theft on the network
D. It corrupts DNS servers by replacing the actual IP address with a rogue address to collect information or start other attacks
Question 17
Which type of attack is social engineering?
A. trojan
B. MITM
C. phishing
D. malware
Question 18
What are two DDoS attack categories? (Choose two.)
A. protocol
B. source-based
C. database
D. sequential
E. volume-based
Question 19
In which type of attack does the attacker insert their machine between two hosts that are communicating with each other?
A. man-in-the-middle
B. LDAP injection
C. insecure API
D. cross-site scripting
Question 20
How does Cisco Advanced Phishing Protection protect users?
A. It utilizes sensors that send messages securely.
B. It uses machine learning and real-time behavior analytics. Most Voted
C. It validates the sender by using DKIM.
D. It determines which identities are perceived by the sender.
