
Preparing for your next security certification exam? After trying your hand at this practice test question, join the FREE CertMike Study Group for the CISSP, Security+, CySA+, PenTest+, CISM+ or SSCP certification to receive new questions each week. You’ll also receive free access to my customized study strategies.

When creating a digital certificate, what person or entity is responsible for creating the digital signature on the certificate?

A. Registration Authority
B. Certificate Authority
C. Certificate Subject
D. Certificate Requestor

Correct Answer: B

The digital signature on a certificate is created by the certificate authority using that certificate authority's private key. Anyone using the certificate can verify the signature with the certificate authority's public key.

Interested in more practice test questions? Get a copy of my official CertMike Practice Test books for the Security+ exam, CISSP exam, SSCP exam, or CySA+ exam and practice with hundreds of questions designed just like the real test! ...

Which one of the following security testing programs is designed to attract the participation of external testers and incentivize them to uncover security?

A. Bug Bounty
B. Penetration Test
C. Internal Vulnerability Scan
D. External Vulnerability Scan

Correct Answer: A

Bug bounty programs are specifically designed to solicit bug reports from external security testers. Vulnerability scans (whether internal or external) and penetration tests are run by, or on behalf of, an organization's own security team.

Twyla recently completed an assessment of her organization's call center and found that representatives discard paper notes from their calls with customers without shredding. What type of social engineering attack does this practice make her organization vulnerable to?

A. Dumpster diving
B. Shoulder surfing
C. Tailgating
D. Skimming

Correct Answer: A

Discarding notes containing customer information leaves the organization vulnerable to a dumpster diving attack where the attacker retrieves those records from the trash. Twyla should ensure that her organization shreds these records before discarding them. In a shoulder surfing attack, the attacker views a user's computer while they are entering or viewing sensitive information. Tailgating attacks seek to gain access to physical facilities by following an authorized user. Skimming attacks seek to gain credit card numbers by attaching false readers to legitimate credit card acceptance units.