CIS 502 Midterm Set 2 CIS 502 Midterm Set 2

• 25 What is the best defense against social engineering? • 26 users • The following are valid reasons to reduce the level of privilege for workstation 27 The purpose for putting a “canary” value in the stack is: • 28 An organization wants to prevent SQL and script injection attacks on its Internet web application. The organization should implement a/an: • 29 The instructions contained with an object are known as its: • 30 Rootkits can be difficult to detect because: • 31 A user, Bill, has posted a link on a web site that causes unsuspecting users to transfer money to Bill if they click the link. The link will only work for users who happen to be authenticated to the bank that is the target of the link. This is known as: • 32 An attack on a DNS server to implant forged “A” records is characteristic of a: • 33 “Safe languages” and “safe libraries” are so-called because: • 34 A defense in depth strategy for anti-malware is recommended because: • 35 The most effective countermeasures against input attacks are:

CIS 502 Midterm Set 2 CIS 502 Midterm Set 2 | Page 4