ACTUAL EXAM COMPLETE ACCURATE EXAM
QUESTIONS WITH DETAILED VERIFIED ANSWERS
(100% CORRECT ANSWERS) /ALREADY GRADED A+
In what phase does the the security development life cycle
takes place in the last phase of the software development life
cycle when the
organization is preparing to release the product?
A5 Ship
What are the four phases of penetration testing?
assess, identify, evaluate and plan, and deploy.
What are scans that target security issues that are found outside
the firewall?
external scans
,What are scans that require software to log onto a system to scan
it?
authenticated scans
What are scans to identify security issues that a malicious attacker
could exploit from inside the network?
internal scans
What are scans to exploit a vulnerability when it is identified?
intrusive target search
What are regulations regarding the software licensing of in-
house products
open-source software license compliance
Which activity in the Ship (A5) phase of the security development
cycle sets requirements for quality gates that must be met
before release?
A5 policy compliance analysis
, The company's website uses query string parameters to filter
products by category. The URL, when filtering on a product
category, looks like this:
company.com/products?category=2.If the security team saw a
URL of company.com/products?category=2 OR 1=1 in the
logs, what assumption should they make?
An attacker is attempting to use SQL injection to gain access to
information.
The model used to assess the severity of a vulnerability...
Common Vulnerability Scoring System (CVSS)
The team that receives, investigates, and reports security
vulnerabilities...
Product Security Incident Response Team (PSIRT)
What is the phase of the SDLC in which organizations prepare for
vulnerabilities after the product has been released?
Post-Release Support phase
Who responds to software product security incidents that involve
the external discovery of post-release software vulnerabilities?
Post-Release PSIRT Response