Module 8 final exam
Question 1 (1 point) Question 1 Unsaved
What protocol should be used when transferring confidential
data in a Web application?
Question 1 options:
HTTP
SMTP
FTP
HTTPS
Save
Question 2 (1 point) Question 2 Unsaved
An online merchant that experiences a security breach and
found not to be in compliance with PCI DSS can:
Question 2 options:
all of the above.
suffer monetary loss.
lose their reputation.
have lawsuits directed against them.
Save
Question 3 (1 point) Question 3 Unsaved
What does XSS exploit in a Web application?
Question 3 options:
Buffer overflows
Invalidated user input
Misconfigured servers
Weak accountability
Save
Question 4 (1 point) Question 4 Unsaved
What is the first step when performing a Web site security
assessment?
Question 4 options:
Identify the components that make up the Web site.
Perform penetration testing to discover vulnerabilities.
Test forms for input validation.
Attempt to escalate privileges on the Web site.
Save
Question 5 (1 point) Question 5 Unsaved
When using an endpoint device, for which type of
communication do you need to install software to encrypt communications?
Question 5 options:
Cellular voice
Internet browsing
Instant messaging/chat
Save
Question 6 (1 point) Question 6 Unsaved
An extension of SMS that allows a user to send and receive
multimedia is called __________.
Question 6 options:
VMS
LMS
BMS
MMS
Save
Question 7 (1 point) Question 7 Unsaved
Which Web technology allows a Web application’s logged-on
users to use the application continuously without having to log in each time a
page is refreshed?
Question 7 options:
Session management
HTTP management
Elevation of privileges
Fault tolerance
Save
Question 8 (1 point) Question 8 Unsaved
The central router or switching device for handling
telephone traffic is referred to as __________.
Question 8 options:
PBX
TSX
TRX
PTX
Save
Question 9 (1 point) Question 9 Unsaved
Which of the following merchant levels must scan the
networks at least quarterly to be in compliance with PCI DSS?
Question 9 options:
Level 3 (20,000 to 1 million transactions a year)
Level 2 (1 million to 6 million transactions a year)
All merchants, no matter the size, must scan at least
quarterly
Level 1 (more than 6 million transactions a year)
Save
Question 10 (1 point) Question 10 Unsaved
Which of the following is not considered a best practice for
improving the security of a mobile device?
Question 10 options:
Install or enable a firewall.
Ensure the browser supports SSL.
Install or enable anti-malware functionality.
Disable the encryption feature.
Save
Previous PageNext Page
Question 11 (1 point) Question 11 Unsaved
Which of the following can help you pinpoint problems with
an e-commerce site?
Question 11 options:
All of the above
Visitor paths
Shopping cart abandonment statistics
Bounce rate
Save
Question 12 (1 point) Question 12 Unsaved
An e-commerce Web site that processes credit cards must
comply with:
Question 12 options:
PCI DSS
HIPAA
Federal regulations
World Wide Web consortium standards
Save
Question 13 (1 point) Question 13 Unsaved
You are designing a Web site that showcases and sells fine
jewelry. Which of the following will be the most useful to your visitors?
Question 13 options:
A call to action
A link to the About Us tab
Clear images
A benefits statement
Save
Question 14 (1 point) Question 14 Unsaved
What is a markup language that uses code for formatting a
Web site within a text file?
Question 14 options:
SSL
HTTP
TCP/IP
HTML
Save
Question 15 (1 point) Question 15 Unsaved
After deploying a Web site application in a production
environment, which of the following requires the quickest response time by
developers?
Question 15 options:
Responding to a security breach
Responding to user feedback regarding a usability suggestion
Enhancing features
Responding to intermittent error messages about a resource
limitation
Save
Question 16 (1 point) Question 16 Unsaved
Consider a person who logs into a Web site with a username
and password. Which process allows the user access based upon correct
credentials?
Question 16 options:
Authorization
Authentication
Accountability
Auditing
Save
Question 17 (1 point) Question 17 Unsaved
What is the secure version of Hypertext Transfer Protocol?
Question 17 options:
SFTP
HTTPS
SSH
E-HTTP
Save
Question 18 (1 point) Question 18 Unsaved
Which of the following is not an example of
store-and-forward communication?
Question 18 options:
Voice mail
A message on Facebook
Presence/availability
E-mail
Save
Question 19 (1 point) Question 19 Unsaved
What is generally not a best practice for implementing VoIP?
Question 19 options:
Patch systems and keep antivirus software up to date.
Use VLANs to protect and prioritize VoIP traffic.
Do not use VPNs.
Segregate traffic from data network.
Save
Question 20 (1 point) Question 20 Unsaved
Which of the following is a best practice for performing a
security assessment and vulnerability scan?
Question 20 options:
Ensuring that system administrators are unaware of the
planned attacks.
Using multiple tools for the same function.
Hiring a black-hat hacker to perform the planned attacks.
Ignoring authenticated testing and relying on
non-authenticated scans.
Question 21 (1 point) Question 21 Unsaved
Which of the following techniques is recommended for VoIP
traffic to avoid attacks on the data network?
Question 21 options:
Use an IDS.
Purchase a different domain name for the IP address use.
Use VLANs.
Disallow network traffic from the firewall.
Save
Question 22 (1 point) Question 22 Unsaved
Which phase of a Web security assessment involves conducting
fingerprinting to help identify the components of the Web site platform?
Question 22 options:
Penetration
Enumeration
Report
Attack
Save
Question 23 (1 point) Question 23 Unsaved
Which of the following statements best describes bounce
rate?
Question 23 options:
The rate of single-page visits to the Web site
The rate of users who reload the Web page
The rate of users who have server reset timeouts
The rate of users who have experienced an error message
Save
Question 24 (1 point) Question 24 Unsaved
During which aspect of a multimedia connection does SIP
discover and detect the user to be reached?
Question 24 options:
User capabilities
User location
User availability
Session setup
Save
Question 25 (1 point) Question 25 Unsaved
Which of the following is not one of the twelve requirements
for PCI DSS compliance?
Question 25 options:
Regularly test security systems and processes.
Maintain a policy that addresses security for employees and
contractors.
Track and monitor all access to network resources and
cardholder data.
Never store any of the cardholder’s information in a
database or other storage mechanism.
Save
Question 26 (1 point) Question 26 Unsaved
Your company is preparing to launch an SQL database with a
custom front-end interface. You are working with the development team on
protection strategies. Of the following, which is the best choice for
protecting your new SQL database and its contents?
Question 26 options:
Allow only administrative accounts to access the database.
Duplicate data within the database for redundancy purposes.
Use input validation.
Use many different and detailed error messages so that users
can be exact when reporting problems to tech support.
Save
Question 27 (1 point) Question 27 Unsaved
How are dynamic Web applications that accept user input
susceptible to insecure coding practices?
Question 27 options:
Developers can fail to properly validate input on the client
side.
User data can be authenticated but not validated.
Encrypted user connections expose programming security
holes.
Developers can fail to properly validate data on the server
side.
Save
Question 28 (1 point) Question 28 Unsaved
Consider a person who logs into a Web site with a username
and password. Which process tracks mechanisms used to keep a record of events
on the system?
Question 28 options:
Authorization
Auditing
Accountability
Authentication
Save
Question 29 (1 point) Question 29 Unsaved
What is the primary purpose of the headline on a Web page?
Question 29 options:
To attract visitorsâ attention and entice them to keep
reading
To tell your visitors what to do on your Web site
To ensure a higher SEO ranking
To show how your product or service solves an immediate
problem
Save
Question 30 (1 point) Question 30 Unsaved
You suspect that visitors are having difficulties navigating
your Web site. Which Web site analytic statistic can help you determine if this
is true?
Question 30 options:
Network performance
Shopping cart abandonment
Visitor location
Visitor path
Save
Previous PageNext Page
Our Service Charter
-
Excellent Quality / 100% Plagiarism-Free
We employ a number of measures to ensure top quality essays. The papers go through a system of quality control prior to delivery. We run plagiarism checks on each paper to ensure that they will be 100% plagiarism-free. So, only clean copies hit customers’ emails. We also never resell the papers completed by our writers. So, once it is checked using a plagiarism checker, the paper will be unique. Speaking of the academic writing standards, we will stick to the assignment brief given by the customer and assign the perfect writer. By saying “the perfect writer” we mean the one having an academic degree in the customer’s study field and positive feedback from other customers. -
Free Revisions
We keep the quality bar of all papers high. But in case you need some extra brilliance to the paper, here’s what to do. First of all, you can choose a top writer. It means that we will assign an expert with a degree in your subject. And secondly, you can rely on our editing services. Our editors will revise your papers, checking whether or not they comply with high standards of academic writing. In addition, editing entails adjusting content if it’s off the topic, adding more sources, refining the language style, and making sure the referencing style is followed. -
Confidentiality / 100% No Disclosure
We make sure that clients’ personal data remains confidential and is not exploited for any purposes beyond those related to our services. We only ask you to provide us with the information that is required to produce the paper according to your writing needs. Please note that the payment info is protected as well. Feel free to refer to the support team for more information about our payment methods. The fact that you used our service is kept secret due to the advanced security standards. So, you can be sure that no one will find out that you got a paper from our writing service. -
Money Back Guarantee
If the writer doesn’t address all the questions on your assignment brief or the delivered paper appears to be off the topic, you can ask for a refund. Or, if it is applicable, you can opt in for free revision within 14-30 days, depending on your paper’s length. The revision or refund request should be sent within 14 days after delivery. The customer gets 100% money-back in case they haven't downloaded the paper. All approved refunds will be returned to the customer’s credit card or Bonus Balance in a form of store credit. Take a note that we will send an extra compensation if the customers goes with a store credit. -
24/7 Customer Support
We have a support team working 24/7 ready to give your issue concerning the order their immediate attention. If you have any questions about the ordering process, communication with the writer, payment options, feel free to join live chat. Be sure to get a fast response. They can also give you the exact price quote, taking into account the timing, desired academic level of the paper, and the number of pages.