___________________ vulnerabilities may be exploited for a man in the middle attack.Question 2Answera.Transferb.Communicationc.Datad.SharingClear my choiceQuestion 3Not yet answeredPoints out of 1.00Flag questionTipsQuestion text_______ is a desirable software trait simply because it is easier to find errors in software with this trait than it is to search through numerous classes to find errors in software that has many more unnecessary lines of code written.Question 3Answera.Traceabilityb.Predictabilityc.Dependabilityd.None of the aboveClear my choiceQuestion 4Not yet answeredPoints out of 1.00Flag questionTipsQuestion textAttackers often use _________ to force software into a stage whereby the attacker can change the value of variables in order to change the functionality of the software or gain access to the system.Question 4Answera.Countermeasureb.Vulnerabilityc.Errord.OverflowClear my choiceQuestion 5Not yet answeredPoints out of 1.00Flag questionTipsQuestion text__________ attack occurs when an attacker takes advantage of buffer data that is stored in the program's runtime stack where local variables and functions are stored in memory, making it easy for an attacker to figure out exactly which memory to overwrite.Question 5Answera.Dynamic deallocationb.Buffer deallocationc.Heap overflowd.Stack overflowClear my choice

1.Question 1What is the term for software that is designed to harm devices or networks?1 pointBugMalwareError messageSocial application2.Question 2Fill in the blank: The _____ spread globally within a couple of months due to users inserting a disk into their computers that was meant to track illegal copies of medical software. 1 pointBrain virusEquifax breachLoveLetter attackMorris worm3.Question 3Fill in the blank: Exploiting human error to gain access to private information is an example of _____ engineering.1 pointcommunicationnetworksocialdigital4.Question 4Which of the following threats are most likely to occur in the event of a phishing attack? Select all that apply. 1 pointMalicious software being deployedOvertaxing systems with too many internal emailsEmployees inadvertently revealing sensitive dataTheft of the organization’s hardware5.Question 5Which of the following tasks are part of the security and risk management domain? Select all that apply.1 pointComplianceSecuring physical assetsBusiness continuityDefining security goals and objectives6.Question 6A security professional is optimizing data security by ensuring that effective tools, systems, and processes are in place. Which domain does this scenario describe?1 pointCommunication and network securityIdentity and access managementSecurity architecture and engineeringSecurity and risk management7.Question 7Which domain involves securing digital and physical assets, as well as managing the storage, maintenance, retention, and destruction of data?1 pointCommunication and network securitySecurity assessment and testingAsset security Security operations8.Question 8Which domain involves conducting, collecting, and analyzing data, as well as conducting security audits to monitor for risks, threats, and vulnerabilities?1 pointIdentity and access managementCommunication and network securitySecurity assessment and testingSecurity and risk management9.Question 9Which of the following tasks may be part of the identity and access management domain? Select three answers.1 pointManaging and controlling physical and logical assetsEnsuring users follow established policiesSetting up an employee’s access keycard Conducting security control testing10.Question 10Which domain involves conducting investigations and implementing preventive measures?1 point Security and risk managementAsset securityIdentity and access managementSecurity operations

Question21Max. score: 1.00Which of the following is characterized by a hacker's ability to intercept the communications between two devices?Man-in-the MiddleProactive AttacksReactive malwareDenial-of-Service

n the course of selecting an effective programming language, languages that are ________ should not be used by software when security is a necessity.Question 17Answera.At risk of buffer overflowsb.Below the application levelc.Compromised by SQl injectiond.Above the physical level

___________ is a strategy in which multiple security measures are set in place to establish protective barriers across multiple layers of a system.Question 16Answera.Open designb.Economy of mechanismc.Separation of privileged.Defense in depthClear my choiceQuestion 17Not yet answeredPoints out of 1.00Flag questionTipsQuestion textRegarding secure software, _________ help developers maintain awareness of common threats and weaknesses in similar applications so that the developers may create software with the appropriate security measures in place.Question 17Answera.Vulnerability databasesb.Input validatorsc.Traceability documentsd.CountermeasuresClear my choiceQuestion 18Not yet answeredPoints out of 1.00Flag questionTipsQuestion textExploits are programs or methods that take advantage of ________, which are weaknesses in a system's design/implementation that allow an attacker to perform some malicious act.Question 18Answera.Countermeasuresb.Workaroundsc.Vulnerabilitiesd.ObfuscationsClear my choiceQuestion 19Not yet answeredPoints out of 1.00Flag questionTipsQuestion textWhat is the software trait that provides accountability for developers and is essential for computer forensics investigations?Question 19Answera.Simplicityb.Reliabilityc.Traceabilityd.None of the aboveClear my choiceQuestion 20Not yet answeredPoints out of 1.00Flag questionTipsQuestion textWhich of the following is an example of a software error?Question 20Answera.An abnormal condition that occurs when a user interacts with the software in an unexpected way.b.An incorrect line of code.c.A bad calculation that produces incorrect results.d.All of the above.

Question 3Fill in the blank: Exploiting human error to gain access to private information is an example of _____ engineering.1 pointcommunicationnetworksocialdigital