an organization was recently compromised by an attacker who used a server certificate with the company’s...
an organization was recently compromised by an attacker who used a server certificate with the company’s domain issued by an irreputable ca. which of the following should be used to mitigate this risk in the future?
a. ocsp
b. dnssec
c. certificate pinning
d. key escrow
Homework Answers
Add Answer to:
an organization was recently compromised by an attacker who used
a server certificate with the company’s...
A cybersecurity analyst detected that an attacker compromised a network and downloaded an executable. Through analysis,...
A cybersecurity analyst detected that an attacker compromised a network and downloaded an executable. Through analysis, the analyst discovered the executable deleted all linux server files and backups using the rm -rf command. Which of the following are the NEXT phases for handling this incident? (Select TWO). A Containment, eradication, and recovery B Detection and analysis C Eradication D Containment, recovery, and eradication E Post-incident Post-analysis
8:38 A software developer wants to ensure that the application is verifying that a key is...
8:38 A software developer wants to ensure that the application is verifying that a key is valid before establishing SSL connections with random remote hosts on the Internet. Which of the following should be used in the code? (Select TWO.) A. Escrowed keys B. SSL symmetric encryption key C. Software code private key D. Remote server public key A Chief Information Security Officer (CISO) for a school district wants to enable SSL to protect all of the public-facing servers in...
A security engineer wants to add SSL to the public web server. Which of the following...
A security engineer wants to add SSL to the public web server. Which of the following would be
A. Download the web certificateB. Install the intermediate certificateC. Generate a CSRD. Encrypt the private key
A security engineer wants to add SSL to the public web server. Which of the following would be the On Download the web certificate Install the intermediate certificate. Generate a CSR. Encrypt the private key.
41. Which of the following cipher systems uses polyalphabetic substitution? A. Vigenère B. Substitution C. Transposition...
41. Which of the following cipher systems uses polyalphabetic substitution? A. Vigenère B. Substitution C. Transposition D. Shift 42. Which encryption algorithm can have key sizes of 128, 192, and 256 bits, with the key size affecting the number of rounds used in the algorithm? A. SHA B. RC С. AES D. DES 43. Which of the following security principles ensures that the sender and the recipient of a message are informed that the message was not altered in transmission?...
D) certificate of deposit 52) Which of the following is used to back international sales of...
D) certificate of deposit 52) Which of the following is used to back international sales of goods and services? A) commercial paper B) bankers' acceptance C) eurodollar deposits D) certificate of deposit 52)
A security administrator has uncovered a covert channel used to exfiltrate confidential data from an internal...
A security administrator has uncovered a covert channel used to exfiltrate confidential data from an internal database server through a compromised corporate web server. Ongoing exfiltration is accomplished by embedding a small amount of data extracted from the database into the metadata of images served by the web server. File timestamps suggest that the server was initially compromised six months ago using a common server misconfiguration. Which of the following BEST describes the type of threat being used? (choose one...
Question 7(1 point) An attacker to a network is using social engineering to attack a network....
Question 7(1 point) An attacker to a network is using social engineering to attack a network. This means which of the following? (Select all that apply) a b C d The attacker uses a dictionary attack. The attacker uses packet sniffing. The attacker claims to be from network support. The attacker is sifting through discarded trash. Question 8(1 point) The network administrator suspects that packet sniffing is being used to capture data packets in the network. The network administrator is...
The common goal of all financial statements users is to evaluate a company’s past and current...
The common goal of all financial statements users is to evaluate a company’s past and current performance, its current financial position, and its future performance and risk. Financial statement analysis focuses on four key building blocks of review; which of the following is not one of these focuses? A. Profitability. B. Business entity type. C. Market prospects. D. Solvency. E. Liquidity and efficiency.
D Question 18 4 pts Which of the following statements is incorrect about Management of Public...
D Question 18 4 pts Which of the following statements is incorrect about Management of Public Keys? • public-key cryptography makes it possible for people who do not share a common key in advance to communicate securely; if Alice and Bob do not know each other and Alice wants to obtain Bob's public key, he can simply post it on his web site an organization that certifies public keys is called a Certification Authority (CA), it issues aj certificate after...
QUESTION 2 Ensuring that data is genuine, meaning that the sender of the data is who...
QUESTION 2 Ensuring that data is genuine, meaning that the sender of the data is who they say they are, that the data received is the data that the sender meant to send, and that the receiver is who they say they are a. confidentiality b. authentication c. non-repudiation d. integrity 2 points QUESTION 3 Cryptography method that uses a single key for both encryption and decryption a. prime factorization b. asymmetric c. symmetric d. message authentication code 2...
8:38 A software developer wants to ensure that the application is verifying that a key is valid before establishing SSL connections with random remote hosts on the Internet. Which of the following should be used in the code? (Select TWO.) A. Escrowed keys B. SSL symmetric encryption key C. Software code private key D. Remote server public key A Chief Information Security Officer (CISO) for a school district wants to enable SSL to protect all of the public-facing servers in...
A security engineer wants to add SSL to the public web server. Which of the following would be
A. Download the web certificateB. Install the intermediate certificateC. Generate a CSRD. Encrypt the private key
A security engineer wants to add SSL to the public web server. Which of the following would be the On Download the web certificate Install the intermediate certificate. Generate a CSR. Encrypt the private key.
41. Which of the following cipher systems uses polyalphabetic substitution? A. Vigenère B. Substitution C. Transposition D. Shift 42. Which encryption algorithm can have key sizes of 128, 192, and 256 bits, with the key size affecting the number of rounds used in the algorithm? A. SHA B. RC С. AES D. DES 43. Which of the following security principles ensures that the sender and the recipient of a message are informed that the message was not altered in transmission?...
D) certificate of deposit 52) Which of the following is used to back international sales of goods and services? A) commercial paper B) bankers' acceptance C) eurodollar deposits D) certificate of deposit 52)
Question 7(1 point) An attacker to a network is using social engineering to attack a network. This means which of the following? (Select all that apply) a b C d The attacker uses a dictionary attack. The attacker uses packet sniffing. The attacker claims to be from network support. The attacker is sifting through discarded trash. Question 8(1 point) The network administrator suspects that packet sniffing is being used to capture data packets in the network. The network administrator is...
D Question 18 4 pts Which of the following statements is incorrect about Management of Public Keys? • public-key cryptography makes it possible for people who do not share a common key in advance to communicate securely; if Alice and Bob do not know each other and Alice wants to obtain Bob's public key, he can simply post it on his web site an organization that certifies public keys is called a Certification Authority (CA), it issues aj certificate after...
Most questions answered within 3 hours.
-
Where is the error in this code sequence?
String s1 = "Hello";
String s2 = "ello";...
asked 10 months ago -
Financial data for Joel de Paris, Inc., for last year
follow:
Joel de Paris, Inc.
Balance...
asked 10 months ago -
Consider this reaction:
Al2(SO4)3 (aq)+ BaCl3
(aq) Al2Cl6 (aq)- +
3BaSO4(s) . What is the...
asked 10 months ago -
Suppose that Savneet is considering increasing her
recent random sample from 20 car rentals to 40...
asked 10 months ago -
Trucks arrive at an unloading terminal at an average rate of 120
per hour.
Trucks arrive...
asked 10 months ago -
Why are methanol and ethanol completely soluble in water while
octanol is not very little soluble....
asked 10 months ago -
A facilities manager at a university reads in a research report
that the mean amount of...
asked 10 months ago -
When the CuSO4 is rehydrated by adding water to the anhydrous
compound, is this an endothermic...
asked 10 months ago -
A ray of sunlight is passing from diamond into crown glass; the
angle of incidence is...
asked 10 months ago -
A block of mass 0.249 kg is placed on top of a light, vertical
spring of...
asked 10 months ago -
how do the kidneys compensate in the presences of acidosis
a) trigger hyperventilate
b) reserve acid...
asked 10 months ago -
Question 501 pts
The rental rate of capital to the firm increases. Which of the
following...
asked 10 months ago