Which risk management response is being implemented when a company decides to close a little-used legacy web application identified as vulnerable to SQL Injection?

Which risk management response is being implemented when a company decides to close a little-used legacy web application identified as vulnerable to SQL Injection?

a. Acceptance
b. Avoidance
c. Mitigation
d. Transference

Answer: B

Learn More :

Network Security

• The use of computer analysis techniques to gather evidence for criminal and/or civil trials is known as:
• To snare intruders, many organizations now use _________ techniques.
• A fundamental technique to determine if an intrusion is in progress in a stable network is: a. anomaly detection b. armoring cable c. RSA algorithm d. patching e. scanning a user's fingerprint Answer: a. anomaly detection
• Which of the following is not a type of intrusion prevention system?
• Which of the following is not true about one-time passwords?
• Which of the following is a mode that is used by IPSec?
• IP Security Protocol:
• A __________ is a trusted organization that can vouch for the authenticity of the person or the organization using the authentication.
• __________ provide authentication which can legally prove who sent a message over a network.
• DES:
• A brute force attack against an encryption system:
• A symmetric encryption system has two parts: the key and the ____________.
• Encryption is the process of:
• A way to prevent intrusion by disguising information through algorithms is:
• Spyware, adware and DDOS agents are three types of:
• A security hole is a(n):
• A(n) _________ is a type of application level firewall that is transparent so that no other computer notices that it is on the network.
• A(n) ____________ acts an intermediate host computer or gateway between the Internet and the rest of the organization's networks.
• IP spoofing means to:
• A(n) ____________ examines the source and destination address of every network packet that passes through it.
• A __________ is a router or special purpose computer that examines packets flowing into and out of a network and restricts access to the organization's network.
• __________ refers to the process of translating between one set of private addresses inside a network and a set of public address outside the network.
• With ANI security control, the network manager:
• The use of a(n) _________ prevents unauthorized intruders from accessing a computer network because the host or server will only permit access via inbound calling from prespecified phone numbers.
• A sniffer program is a:

Share this

Share on FacebookPlus on Google+