Tagged: 210-255 Exam Dumps

210-255 Dumps | Which CVSSv3 metric value increases when the attacker is….

Question 8:

Which CVSSv3 metric value increases when the attacker is able to modify all files protected by the vulnerable
component?
A. confidentiality
B. integrity
C. availability
D. complexity
Answer: B
Explanation:
Consider a vulnerability in an Internet service such as web, email, or DNS that allows an attacker to
modify or delete all web files in a directory would incur an impact to Integrity only, rather than
Availability. The reason is that the web service is still performing properly – it just happens to be
serving back altered content.

210-255 Dumps | Which process is being utilized when IPS events are removed….

Question 5:

Which process is being utilized when IPS events are removed to improve data integrity?
A. data normalization
B. data availability
C. data protection
D. data signature
Answer: A
Explanation
Data normalization is the process of intercepting and storing incoming data so it exists in one form only.
This eliminates redundant data and protects the data’s integrity.
Link: https://www.helpnetsecurity.com/2013/01/07/the-importance-of-data-normalization-in-ips/

210-255 Exam Dumps | You see 100 HTTP GET and POST requests for various pages on….

Question 3:

You see 100 HTTP GET and POST requests for various pages on one of your web servers. The user agent in
the requests contain php code that, if executed, creates and writes to a new php file on the webserver. Which
category does this event fall under as defined in the Diamond Model of Intrusion?
A. delivery
B. reconnaissance
C. action on objectives
D. installation
E. exploitation
Answer: A