1. A company is using a mobile device deployment model in which employees use their personal devices for work at their own discretion. Which of the following is a model that suit the company need?

   		BYOD
   		XYDOD
   		CYDOD
   		COPE

QUESTION 2

1. Two users want to communicate via email using unsecured channel. The system must ensure the principle of non-repudiation between the two users by signing their certificates. Which of the following should be used to sign their certificates?

   		RA
   		CSR
   		CRL
   		CA

QUESTION 3

1. A company requires users to scan their fingerprint to access an application. The developers of the application want to implement multifactor authentication. Which of the following should be implemented?

   		Implement iris recognition
   		Have users sign their name naturally
   		Hand geometry scan
   		Facial recognition using a camera

QUESTION 4

1. An employer requires that employees use a key-generating app on their mobile phones to log into the company application. With reference to authentication factor, this authentication factor is defined as:

   		Something you have
   		Something you do
   		Something you know
   		Something you are

1 points

QUESTION 5

1. With reference to physical security, a controlled access facility employs security guards who verify the authorization of all personnel entering the facility. Which of the following best describe the deployed security control?

   		Compensating
   		Administrative
   		Deterrence
   		Corrective

1 points

QUESTION 6

1. Which of the following can be provided to AAA server in an identification process?

   		Permissions
   		Username
   		Private certificate
   		Access control

1 points

QUESTION 7

1. A developer added a special function in a .php file that will remove semicolons, dashes, quotes and comma from an input filed that accept a string data type. Which of the following attacks this function will help to stop?

   		Error handling to protect against website exploitation.
   		Input validation to protect against SQL injection.
   		Padding to protect against string buffer overflows.
   		Exception handling to protect against XSRF attack.

1 points

QUESTION 8

1. A user account lockout after five unsuccessful login attempts. The user account is repeatedly locked out over a period of a workweek. Which of the following types of attack MOST likely happening?

   		MITM Attack
   		Brute Force
   		Dictionary Attack
   		Social Engineering

1 points

QUESTION 9

1. A security analyst is hardening a web server that only host and run web service, which of following ports and protocols should be enabled?

   		FTP over port 21
   		Telnet over port 23
   		HTTPS over port 443
   		IMAP over port 143

1 points

QUESTION 10

1. A software developer company is using a special tool to review a code to find vulnerabilities in its applications. Which of the following describes the case in which the tool incorrectly identities the vulnerability?

   		True negative
   		False negative
   		False positive
   		True positive