Free EC-Council 312-50v12 Exam Braindumps (page: 21)

What is the role of test automation in security testing?

  A. It is an option but it tends to be very expensive.
  B. It should be used exclusively. Manual testing is outdated because of low speed and possible test setup inconsistencies.
  C. Test automation is not usable in security due to the complexity of the tests.
  D. It can accelerate benchmark tests and repeat them with a consistent test setup. But it cannot replace manual testing completely.

Answer(s): D



Your company performs penetration tests and security assessments for small and medium-sized businesses in the local area. During a routine security assessment, you discover information that suggests your client is involved with human trafficking.

What should you do?

  A. Confront the client in a respectful manner and ask her about the data.
  B. Copy the data to removable media and keep it in case you need it.
  C. Ignore the data and continue the assessment until completed as agreed.
  D. Immediately stop work and contact the proper legal authorities.

Answer(s): D



While using your bank’s online servicing, you notice the following string in the URL bar: “http://www.MyPersonalBank.com/account?id=368940911028389&Damount=10980&Camount=21”

You observe that if you modify the Damount and Camount values and submit the request, the data on the web page reflects the changes.

Which type of vulnerability is present on this site?

  A. Cookie Tampering
  B. SQL Injection
  C. Web Parameter Tampering
  D. XSS Reflection

Answer(s): C



The establishment of a TCP connection involves a negotiation called the three-way handshake. What type of message does the client send to the server in order to begin this negotiation?

  A. ACK
  B. SYN
  C. RST
  D. SYN-ACK

Answer(s): B





