Certificate Mismatch Attack and Scalable Infrastructure Solution

Questions and Answers

What type of attack is described when a user is presented with a certificate mismatch warning from the browser?

• Phishing attack
• Man-in-the-middle (MitM) attack (correct)
• Cross-site scripting (XSS) attack
• SQL injection attack

Which solution would BEST meet the requirements of providing increased scalability and flexibility for back-end infrastructure without disrupting services?

• Containerization with Docker (correct)
• Load balancer implementation
• Virtual machine migration
• Database sharding

What describes a social engineering technique that seeks to exploit a person's sense of urgency?

• Quid pro quo
• Pretexting
• Baiting
• Scarcity (correct)

What should a security professional implement to satisfy both the CPO's and the development team's requirements regarding the use of PII in the development environment?

Anonymization and pseudonymization techniques (D)

What should the company do to assign different DLP rules based on the type of data hosted on the file server?

Implement classification-based DLP rules (A)

Which policy should the CISO use to prevent someone from using the exfiltrated credentials?

Enforce multi-factor authentication (D)

What type of certificate should the company implement to simplify the certificate management process for its single domain and several dozen subdomains?

Wildcard certificate (B)

Flashcards are hidden until you start studying