Sign up to save your podcasts
Or
Share RCR 080: Creating a Secure Development Environment - CISSP Training and Study!
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
RCR 080: Creating a Secure Development Environment - CISSP Training and Study!
Shon Gerber from ShonGerber.com provides you the information and knowledge you need to prepare and pass the CISSP Exam while providing the tools you need to enhance your cybersecurity career. Shon utilizes his expansive knowledge while providing superior training from his years of training people in cybersecurity.
In this episode, Shon will provide CISSP training for Domain 8 (Software Development Security) of the CISSP Exam. His extensive training will cover all of the CISSP domains.
BTW - Get access to all my CISSP Training Courses here at: https://shongerber.com/
CISSP Exam Questions
Question: 122
What type of reconnaissance attack provides attackers with useful information about the services running on a system?
- A) Session hijacking
- B) Port scan
- C) Dumpster diving
- D) IP sweep
Port scan
Port scans reveal the ports associated with services running on a machine and available to the public.
From https://www.brainscape.com/flashcards/software-development-security-976024/packs/1774328
------------------------------------
Question: 123
What technology does the Java language use to minimize the threat posed by applets?
- A) Confidentiality
- B) Encryption
- C) Stealth
- D) Sandbox
Sandbox
The Java sandbox isolates applets and allows them to run within a protected environment, limiting the effect they may have on the rest of the system.
From https://www.brainscape.com/flashcards/software-development-security-976024/packs/1774328
------------------------------------
Question: 124
What is the most effective defense against cross-site scripting attacks?
- A) Limiting account privileges
- B) Input validation
- C) User authentication
- D) Encryption
Input validation
Input validation prevents cross-site scripting attacks by limiting user input to a predefined range. This prevents the attacker from including the HTML
From https://www.brainscape.com/flashcards/software-development-security-976024/packs/1774328
------------------------------------
Want to find Shon elsewhere on the internet?
LinkedIn – www.linkedin.com/in/shongerber
Facebook - https://www.facebook.com/CyberRiskReduced/
LINKS:
- ISC2 Training Study Guide
-
- https://www.isc2.org/Training/Self-Study-Resources
Gain access to 30 FREE CISSP Exam Questions each and every month by going to FreeCISSPQuestions.com and sign-up to join the team for Free.
View all episodes
By Shon Gerber, vCISO, CISSP, Cyber Security Consultant, Author and EntrepreneurShon Gerber from ShonGerber.com provides you the information and knowledge you need to prepare and pass the CISSP Exam while providing the tools you need to enhance your cybersecurity career. Shon utilizes his expansive knowledge while providing superior training from his years of training people in cybersecurity.
In this episode, Shon will provide CISSP training for Domain 8 (Software Development Security) of the CISSP Exam. His extensive training will cover all of the CISSP domains.
BTW - Get access to all my CISSP Training Courses here at: https://shongerber.com/
CISSP Exam Questions
Question: 122
What type of reconnaissance attack provides attackers with useful information about the services running on a system?
- A) Session hijacking
- B) Port scan
- C) Dumpster diving
- D) IP sweep
Port scan
Port scans reveal the ports associated with services running on a machine and available to the public.
From https://www.brainscape.com/flashcards/software-development-security-976024/packs/1774328
------------------------------------
Question: 123
What technology does the Java language use to minimize the threat posed by applets?
- A) Confidentiality
- B) Encryption
- C) Stealth
- D) Sandbox
Sandbox
The Java sandbox isolates applets and allows them to run within a protected environment, limiting the effect they may have on the rest of the system.
From https://www.brainscape.com/flashcards/software-development-security-976024/packs/1774328
------------------------------------
Question: 124
What is the most effective defense against cross-site scripting attacks?
- A) Limiting account privileges
- B) Input validation
- C) User authentication
- D) Encryption
Input validation
Input validation prevents cross-site scripting attacks by limiting user input to a predefined range. This prevents the attacker from including the HTML
From https://www.brainscape.com/flashcards/software-development-security-976024/packs/1774328
------------------------------------
Want to find Shon elsewhere on the internet?
LinkedIn – www.linkedin.com/in/shongerber
Facebook - https://www.facebook.com/CyberRiskReduced/
LINKS:
- ISC2 Training Study Guide
-
- https://www.isc2.org/Training/Self-Study-Resources
Gain access to 30 FREE CISSP Exam Questions each and every month by going to FreeCISSPQuestions.com and sign-up to join the team for Free.