Online Access Free 412-79v9 Exam Questions

Which of the following acts related to information security in the US establish that the management of an organization is responsible for establishing and maintaining an adequate internal control structure and procedures for financial reporting?

• A.California SB 1386
• B.Gramm-Leach-Bliley Act (GLBA)
• C.Sarbanes-Oxley 2002
• D.USA Patriot Act 2001

Which one of the following architectures has the drawback of internally considering the hosted services individually?

• A.Strong Screened-Subnet Architecture
• B."Three-Homed Firewall" DMZ Architecture
• C."Inside Versus Outside" Architecture
• D.Weak Screened Subnet Architecture

Mason is footprinting an organization to gather competitive intelligence. He visits the company's website for contact information and telephone numbers but does not find any.
He knows the entire staff directory was listed on their website 12 months. How can he find the directory?

• A.Visit Google's search engine and view the cached copy
• B.Crawl and download the entire website using the Surfoffline tool and save them to his computer
• C.Visit the company's partners' and customers' website for this information
• D.Use WayBackMachine in Archive.org web site to retrieve the Internet archive

Application security assessment is one of the activity that a pen tester performs in the attack phase. It is designed to identify and assess threats to the organization through bespoke, proprietary applications or systems. It checks the application so that a malicious user cannot access, modify, or destroy data or services within the system.

Identify the type of application security assessment which analyzes the application-based code to confirm that it does not contain any sensitive information that an attacker might use to exploit an application.

• A.Functionality Testing
• B.Authorization Testing
• C.Web Penetration Testing
• D.Source Code Review

Which of the following contents of a pen testing project plan addresses the strengths, weaknesses, opportunities, and threats involved in the project?

• A.Assumptions
• B.Objectives
• C.Project Goal
• D.Success Factors