Securing Applications and Data Flashcards

1
Q

Your e-mail server has been listed on a spam blacklist because a large amount of spam is being relayed through it. Which of the following actions should you take?

Enable SMTP relay.

Use an anti-spam filter.

Use SMTP relay authentication.

A

Use SMTP relay authentication.

By using authenticated SMTP relay, you allow only authorized mail servers and clients to connect to your e-mail server to send and relay messages.

2
Q

While testing exception handling with a web application, you encounter an error that displays a full URL path to critical data files for the application. Which one of the following types of vulnerabilities would this application be susceptible to?

Session hijacking

Cross-site scripting

Directory traversal

A

Directory traversal

Directory traversal is a vulnerability that allows an attacker who knows the details of an application server's directory tree to manually traverse the directory using input commands in the URL location bar or input forms in the application. Error messages should never display the full paths of files, to prevent hackers from discovering the directory structure.

3
Q

Your web application currently checks authentication credentials from a user's web browser cookies before allowing a transaction to take place. However, you have had several complaints of identity theft and unauthorized purchases from users of your site. Which of the following is the most likely cause?

Cross-site scripting

Session hijacking

Header manipulation

A

Session hijacking

Session hijacking occurs when a malicious hacker is able to access your session cookie and then use the session information to make unauthorized requests as the target user.

4
Q

To protect your users while web surfing, you create a web browser configuration baseline that will be applied to all of your users in your organization. Which of the following components should you block by default?

Unsigned ActiveX controls

JavaScript

Search engines

A

Unsigned ActiveX controls

Although ActiveX controls are required for many websites to run correctly, you should never allow users to download unsigned ActiveX controls. If ActiveX controls are not properly signed and authenticated, they are most likely malicious.

5
Q

As part of your application-hardening process, which of the following activities helps to prevent existing vulnerabilities in applications from being exploited?

Exception handling

Fuzzing

Updating to the latest software version or patch

A

Updating to the latest software version or patch

Application vendors will release updated software versions of their product or provide a security patch to resolve any security vulnerabilities in previous versions of the software. It is a best practice to always keep your application software up to date.

6
Q

An executive is traveling with his laptop computer to a conference. The contents of his laptop contain very confidential product information, including development specifications and product road maps. Which of the following techniques can be implemented to protect the confidentiality of the data on the laptop?

Make sure all software is up to date.

Password-protect the laptop BIOS.

Encrypt the hard drive using a TPM.

A

Encrypt the hard drive using a TPM.

A trusted platform module (TPM) allows the contents of the hard drive to be encrypted with encryption keys that are stored on the TPM chip, which can only be accessed by the end user. This prevents an unauthorized user from accessing the hard drive contents of the equipment.

7
Q

You have had several instances of product development plans for your company being leaked to other rival companies. Which data loss prevention technique can you use to prevent these documents from leaving your organization’s networks?

Use Secure FTP for file transfers.

Block access to file-sharing websites.

Use a content filter to block development documents from being sent outbound.

A

Use a content filter to block development documents from being sent outbound.

Using a content filter on your outbound traffic, you can detect and block development documents that are being sent outbound via e-mail attachments, IM file transfers, FTP, and web uploads.

8
Q

During testing of a web application, you discover that due to poor input validation, you can easily crash the server by entering values in the input forms much greater than the system can handle. What type of vulnerability is this?

Session hijacking

Buffer overflow

Privilege escalation

A

Buffer overflow

Buffer overflows are caused primarily by poor input validation that allows illegal data to be entered into the application, causing processing limits to be exceeded.
