TestOut SecurityPro (8.2-8.5)

Which of the following information is typically not included in an access token?

Which of the following terms describes the component that is generated following authentication and is used to gain access to resources following login?

Marcus White has just been promoted to a manager. To give him access to the files that he needs, you make his user account a member of the Managers group, which has access to a special shared folder.

Later that afternoon, Marcus tells you that he is still unable to access the files reserved for the Manager's group.

What should you do? (8.3)

(8.3) Which security mechanism uses a unique list that meets the following specifications?

• The list is embedded directly in the object itself
• The list defines which subjects have access to certain objects
• The list specifies the level or type of access allowed to certain objects

(8.4) You want to prevent your browser from running JavaScript commands that are potentially harmful. Which of the following would you restrict to accomplish this?

(8.4) A programmer that fails to check the length of input before processing leaves their code vulnerable to what form of common attack?

(8.4) Which of the following is an attack that injects malicious scripts into web pages to redirect users to fake websites or gather personal information?

(8.4) When you browse to a website, a pop-up window tells you that your computer has been infected with a virus. you click on the window to see what the problem is. Later, you find out that the window has installed spyware on your system.

What type of attack has occurred?

(8.4) Which of the following are subject to SQL injection attacks?

(8.4) Having poor software development practices and failing to program input validation checks during development of custom software can result in a system vulnerable to which type of attack?