July 2018

Article

Preparing for your next security certification exam? After trying your hand at this practice test question, join the FREE CertMike Study Group for the CISSP, Security+, CySA+, or SSCP certification to receive new questions each week. You'll also receive free access to my customized study strategies.

Harold is designing an access control system that will require the concurrence of two system administrators to gain emergency access to a root password. What security principle is he most directly enforcing?

A. Least privilege
B. Separation of duties
C. Security through obscurity
D. Two-person control

Correct Answer: D

Systems that require two individuals to concur before performing a single action follow the principle of two-person control. There is no indication in the question that the control also enforces separation of duties or least privilege. There is also no indication that the mechanism relies upon the dangerous practice of security through obscurity.

Would you like to receive free practice test questions on a weekly basis? Sign up for the free CertMike study groups for the CISSP, Security+, SSCP, or CySA+ exam....

Which one of the following characters is most important to restrict when performing input validation to protect against XSS attacks?

A. '
B. !
C. <
D. $

Correct Answer: C

Cross-site scripting relies upon embedding HTML tags in stored or reflected input. The < and > characters are used to denote HTML tags and should be carefully managed when seen in user input.

Learn more about cross-site scripting attacks.