Question 1

A public key infrastructure (PKI) allows:

Options :

A : Organizations to communicate securely

B : Encrypted authentication

C : All answers are correct

D : The passing of digital certificates

Answer: C

Question 2

Quantitative risk assessment differs from qualitative risk assessment in that it predicts attacks based on what?

Options :

A : Penetration tests

B : Historical loss information

C : Projections based on qualitative factors

D : Zero-day loss information

Answer: B

Question 3

The attack surface of software is the code within the system that can be:

Options :

A : Run without user permission

B : Leads to buffer overflows and injection attacks

C : All answers are correct

D : Accessed by unauthorized parties

Answer: D

Question 4

End-of-life (EOL) policies should include what? (Choose all that apply.)

Options :

A : Versioning information

B : Key escrow

C : Data escrow

D : Duration of technical support

Answer: A,D

Question 5

Which of the following are examples of the application programming interface (API)? Each correct answer represents a complete solution. Choose three

Options :

A : HTML

B : PHP

C : NET

D : Perl

Answer: B,C,D