Q. What type of system is a lucrative target for attackers seeking financial gain?

View solution

Q. What standard outlines rules for the handling of credit card information and the security of devices involved in credit card transactions?

View solution

Q. Which of the following protocols is an insecure protocol that exposes users to eavesdropping attacks?

View solution

Q. What is the recommended secure replacement for Telnet when seeking to gain command-line access to a remote system?

View solution

Q. Which of the following provides a secure method to transfer files between systems?

View solution

Q. Why do vulnerability scans alert on the presence of debug modes on scanned servers?

View solution

Q. What is the recommended approach for software development in mature organizations regarding debug modes?

View solution

Q. What may vulnerability scans detect in network devices that require updates from the manufacturer?

View solution

Q. Which protocol offers a secure means to exchange information over the Internet and private networks?

View solution

Q. Why should SSL no longer be used on production systems?

View solution

Q. What is the recommended action for administrators of servers supporting outdated versions of SSL and TLS?

View solution

Q. What do SSL and TLS protocols describe in terms of cryptographic ciphers?

View solution

Q. Why is the RC4 cipher considered insecure?

View solution

Q. What is a serious error related to digital certificates?

View solution

Q. Why is the expiration of a digital certificate a significant issue?

View solution

Q. What is the primary function of the Domain Name System (DNS)?

View solution

Q. Why are DNS servers a common target for attackers and penetration testers?

View solution

Q. What is a DNS amplification attack?

View solution

Q. What can happen if a server leaks its private IP address to remote systems?

View solution

Q. Why is it important for administrators to ensure that VPN services are fully patched?

View solution