WGU C172 - Attacks, Threats, Risks, and Vulnerabilities Questions With 100% Correct Answers.

penetration testers - This InfoSec job is tasked with attempting to compromise a network's security. Insider Threats - Some of the most potent threats come from people within your organization. Because they have legitimate access to systems, they are in a position to hack from the inside of the network, often undetected. Insider Threats - A disgruntled insider may have a motive. Whenever you combine motive and opportunity, you have a substantially increased risk of trouble. SQL Injection - Attackers take control of the database by entering SQL into the input boxes on a website instead of entering basic text. Vulnerability Testers - This InfoSec job is tasked with scanning servers & network devices for known vulnerabilities. Application (7) Review source code & validate all user-entered data. Firewall: use reverse proxy system and scan incoming packets for malicious behavior. Use web-application firewall with rules to filter dangerous requests. Enable NX-bit (no-execute) functionality on physical computer. - The method used to mitigate an SQL Injection attack. Buffer Overflow - similar to SQL Injection but instead of SQL, they enter too much information into the form which causes the app to crash or other damage. Application (7) Coding to prevent too much input.Firewall to prevent suspicious data from being sent. Enable NX-bit (no-execute) functionality on physical computer. - The method used to mitigate a Buffer Overflow attack.Database Control - SQL Injection and Buffer Overflow