Which CVSSv3 metric value increases when the attacker is able to modify all files protected by the vulnerable
Consider a vulnerability in an Internet service such as web, email, or DNS that allows an attacker to
modify or delete all web files in a directory would incur an impact to Integrity only, rather than
Availability. The reason is that the web service is still performing properly – it just happens to be
serving back altered content.
Which process is being utilized when IPS events are removed to improve data integrity?
A. data normalization
B. data availability
C. data protection
D. data signature
Data normalization is the process of intercepting and storing incoming data so it exists in one form only.
This eliminates redundant data and protects the data’s integrity.
Which two options can be used by a threat actor to determine the role of a server? (Choose two.)
C. running processes
D. hard drive configuration
Answer: C E
You see 100 HTTP GET and POST requests for various pages on one of your web servers. The user agent in
the requests contain php code that, if executed, creates and writes to a new php file on the webserver. Which
category does this event fall under as defined in the Diamond Model of Intrusion?
C. action on objectives