Question 1Which of the following countermeasures helps security teams prevent sensitive data from being exposed? 1 pointNever encrypt the data in transit using TLS Use AES encryption for stored data and use TLS with HSTS for incoming traffic Enable caching techniques for requests that contain sensitive information Create or use weak cryptographic algorithms 2.Question 2Which of the following countermeasure helps a security specialist defend the application against LDAP injection attacks? 1 pointMake the LDAP filter as specific as possible Never restrict the amount of data returned to the user Construct LDAP search filters by concatenating strings Use LDAP for communication over the webserver

1.Question 1Which of the following countermeasures helps security teams defend against DoS and DDoS attacks on the network and system? 1 pointDisable TCP SYN cookie protection Configure the firewall to allow external ICMP traffic access Enable unused and insecure services Prevent the use of unnecessary functions such as gets and strcpy 2.Question 2Which of the following countermeasures helps security professionals defend against DoS/DDoS attacks? 1 pointAllow the transmission of fraudulently addressed packets at the ISP level Make use of functions such as gets and strcpy Secure remote administration and connectivity testing Allow data processed by the attacker from being executed

Question 1Which of the following countermeasures help developers prevent applications from becoming vulnerable to SQL injection attacks? 1 pointDesign the code such that it traps and handles exceptions appropriately Allow entries that contain binary data, escape sequences, and comment characters Never use a prepared statement to create a parameterized query Construct dynamic SQL with concatenated input values 2.Question 2Which of the following practices helps developers defend against SQL injection attacks? 1 pointAlways construct dynamic SQL with concatenated input values Build Transact-SQL statements directly from user input Never implement multiple layers of validation Test the content of string variables and accept only expected values

Please choose the best answer from the choices belowWhich of the following countermeasures helps security professionals protect a network from session hijacking attacks?Ensure that data in transit are encryptedPass authentication cookies over HTTP connectionsNever use IPsec to encrypt session informationUse short random numbers as session keys

Which of the following countermeasures helps security professionals protect a network against DoS/DDoS attacks?Implement cognitive radios in the physical layerNever perform input validationAllow all inbound packets originating from the service portsUse functions such as gets and strcpy

1.Question 1Which of the following countermeasures helps administrators defend against webserver attacks? 1 pointInstall the IIS server on a domain controller Do not configure a separate anonymous user account for each application Screen and filter incoming traffic requests Never use a dedicated machine as a web server 2.Question 2Which of the following practices is NOT a countermeasure to defend against web server attacks? 1 pointScreen and filter incoming traffic requests Physically protect the web server machine in a secure machine room Store website files and scripts on a separate partition or drive Install IIS server on a domain controller