{"id":382,"date":"2021-01-17T05:23:58","date_gmt":"2021-01-16T17:53:20","guid":{"rendered":"https:\/\/exampracticetests.com\/ISC\/CISSP\/certified-information-systems-security-professional-cissp-question375\/"},"modified":"2021-01-17T05:24:11","modified_gmt":"2021-01-17T05:24:11","slug":"certified-information-systems-security-professional-cissp-question375","status":"publish","type":"post","link":"https:\/\/exampracticetests.com\/ISC\/CISSP\/certified-information-systems-security-professional-cissp-question375\/","title":{"rendered":"Certified Information Systems Security Professional &#8211; CISSP &#8211; Question375"},"content":{"rendered":"<div class=\"question\">An organization discovers that its Secure File Transfer Protocol (SFTP) server has been accessed by an unauthorized person to download an unreleased game. A recent security audit found weaknesses in some of the organization\u2019s general Information Technology (IT) controls, specifically pertaining to software change control and security patch management, but not in other control areas.<br \/>\nWhich of the following is the MOST probable attack vector used in the security breach? <br \/><strong><br \/>A.<\/strong> Buffer overflow <br \/><strong>B.<\/strong> Distributed Denial of Service (DDoS) <br \/><strong>C.<\/strong> Cross-Site Scripting (XSS) <br \/><strong>D.<\/strong> Weak password due to lack of complexity rules<\/div>\n<p><\/p>\n<style> .hidden-div{ display:none } <\/style>\n<p>\t\t\t\t\t\t\t<button onclick=\"getElementById('hidden-div').style.display = 'block'\"> Show Answer <\/button> <button onclick=\"getElementById('hidden-div').style.display = 'none'\">Hide Answer<\/button><\/p>\n<div class=\"hidden-div\" id=\"hidden-div\"><span style=\"\"><\/p>\n<div class=\"answer\">Correct Answer: <strong>A<\/strong><\/div>\n<p><\/strong><\/span> <\/div>\n","protected":false},"excerpt":{"rendered":"<p>An organization discovers that its Secure File Transfer Protocol (SFTP) server has been accessed by an unauthorized person to download an unreleased game. A recent security audit found weaknesses in some of the organization\u2019s general Information Technology (IT) controls, specifically pertaining to software change control and security patch management, but not in other control areas. [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[3,391,378],"class_list":["post-382","post","type-post","status-publish","format-standard","hentry","category-certified-information-systems-security-professional-cissp","tag-certified-information-systems-security-professional-cissp","tag-choices","tag-question-375"],"_links":{"self":[{"href":"https:\/\/exampracticetests.com\/ISC\/CISSP\/wp-json\/wp\/v2\/posts\/382","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/exampracticetests.com\/ISC\/CISSP\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/exampracticetests.com\/ISC\/CISSP\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/exampracticetests.com\/ISC\/CISSP\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/exampracticetests.com\/ISC\/CISSP\/wp-json\/wp\/v2\/comments?post=382"}],"version-history":[{"count":1,"href":"https:\/\/exampracticetests.com\/ISC\/CISSP\/wp-json\/wp\/v2\/posts\/382\/revisions"}],"predecessor-version":[{"id":772,"href":"https:\/\/exampracticetests.com\/ISC\/CISSP\/wp-json\/wp\/v2\/posts\/382\/revisions\/772"}],"wp:attachment":[{"href":"https:\/\/exampracticetests.com\/ISC\/CISSP\/wp-json\/wp\/v2\/media?parent=382"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/exampracticetests.com\/ISC\/CISSP\/wp-json\/wp\/v2\/categories?post=382"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/exampracticetests.com\/ISC\/CISSP\/wp-json\/wp\/v2\/tags?post=382"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}