Add to collection(s) Add to saved
  1. Engineering & Technology
Uploaded by AMELIA

CREST CPSA Exam Questions & Answers (Demo)

advertisement 
CREST
CREST-CPSA
CREST Practitioner Security Analyst
Questions & Answers PDF
(Demo Version – Limited Content)
For More Information – Visit link below:
https://p2pexam.com/
Visit us at: https://p2pexam.com/crest-cpsa
Latest Version: 6.0
Question: 1
What HTTP response header can help mitigate XSS by instructing the browser not to execute scripts
from unauthorized origins?
Response:
A. Content-Type
B. X-XSS-Protection
C. Content-Security-Policy (CSP)
D. Referrer-Policy
Answer: C
Question: 2
Why is enabling the xp_cmdshell stored procedure a critical security concern in SQL Server?
Response:
A. It disables SQL logging
B. It allows command execution on the operating system level
C. It grants SA privileges to all users
D. It leaks encryption keys from the master database
Answer: B
Question: 3
What is the purpose of the DBMS_METADATA.GET_DDL function in Oracle?
Response:
A. Deletes user accounts from the database
B. Dumps full contents of a database table
C. Retrieves the DDL (schema) for database objects
D. Encrypts stored procedures
Answer: C
Visit us at: https://p2pexam.com/crest-cpsa
Question: 4
What is a key security consideration in a three-tier web architecture (presentation, application, and
database layers)?
Response:
A. Only the presentation layer requires access control
B. All tiers should use the same credentials
C. The application tier should validate all input before passing to the database
D. SSL is only necessary between users and the database
Answer: C
Question: 5
Which of the following techniques is most effective for discovering unlinked web content?
Response:
A. DNS zone transfer
B. Directory brute-forcing with a wordlist
C. Traceroute mapping
D. SSL certificate inspection
Answer: B
Question: 6
You review an Nmap scan output and observe port 80/tcp is open with a service name "http-proxy."
What does this imply?
Response:
A. The web server is using port forwarding
B. The port is misconfigured and should be closed
C. A proxy service (such as Squid) is running on that port
D. SSL encryption is enforced on that port
Answer: C
Question: 7
Visit us at: https://p2pexam.com/crest-cpsa
Which of the following fields in an IPv4 header is used for packet fragmentation and reassembly?
Response:
A. Header Checksum
B. Time to Live (TTL)
C. Identification
D. Protocol
Answer: C
Question: 8
Your customer tells you they have a Class B network. How many IP addresses does this network include?
Response:
A. 65536
B. 16
C. 16777216
D. 8192
E. 256
Answer: A
Question: 9
During traffic analysis, which layer of the OSI model would reveal source and destination MAC
addresses?
Response:
A. Layer 3 – Network
B. Layer 5 – Session
C. Layer 2 – Data Link
D. Layer 7 – Application
Answer: C
Question: 10
Which server-side language is commonly used in legacy web applications and is known for its simplicity
and wide adoption?
Response:
Visit us at: https://p2pexam.com/crest-cpsa
A. JavaScript
B. PHP
C. CSS
D. HTML
Answer: B
Visit us at: https://p2pexam.com/crest-cpsa
For More Information – Visit link below:
https://p2pexam.com/
Thanks for Using Our Product
Pass Your Certification With p2pexam Guarantee
Use coupon code “20off” for 20USD discount
Sales: sales@p2pexam.com
Support: support@p2pexam.com
Visit us at: https://p2pexam.com/crest-cpsa
Related documents
Benefits of Exercise & Physical Activity - Presentation
Benefits of Exercise & Physical Activity - Presentation
ADPHC Forms: Find Form G, G1, G2
ADPHC Forms: Find Form G, G1, G2
Poe's Purloined Letter: Summary & Analysis
Poe's Purloined Letter: Summary & Analysis
Computer Science & Copyright Worksheet
Computer Science & Copyright Worksheet
Download
advertisement