Study Guide 401-500 Flashcards
(100 cards)
The private key for a website was stolen, and a new certificate has been issued. Which of the following needs to be updated next?
A. SCEP B. CRL C. OCSP D. CSR
B. CRL
Which of the following organizational documents is most often used to establish and communicate expectations associated with integrity and ethical behavior within an organization?
A. AUP B. SLA C. EULA D. MOA
A. AUP
Which of the following explains how to determine the global regulations that data is subject to regardless of the country where the data is stored?
A. Geographic dispersion B. Data sovereignty C. Geographic restrictions D. Data segmentation
B. Data sovereignty
An organization’s web servers host an online ordering system. The organization discovers that the servers are vulnerable to a malicious JavaScript injection, which could allow attackers to access customer payment information. Which of the following mitigation strategies would be most effective for preventing an attack on the organization’s web servers? (Choose two.)
A. Regularly updating server software and patches B. Implementing strong password policies C. Encrypting sensitive data at rest and in transit D. Utilizing a web-application firewall E. Performing regular vulnerability scans F. Removing payment information from the servers
A. Regularly updating server software and patches
D. Utilizing a web-application firewall
