CompTIA Security+ Question A-2

Which of the following is a security advantage of using NoSQL vs. SQL databases in a three-tier environment?

A. NoSQL databases are not vulnerable to XSRF attacks from the application server.
B. NoSQL databases are not vulnerable to SQL injection attacks.
C. NoSQL databases encrypt sensitive information by default.
D. NoSQL databases perform faster than SQL databases on the same hardware.

Answer: B

Explanation:
NoSQL is a nonrelational database and does not use SQL. It is therefore not vulnerable to SQL injection attacks but is vulnerable to similar injection-type attacks.

CompTIA Network+ Question C-5

Packet analysis reveals multiple GET and POST requests from an internal host to a URL without any response from the server. Which of the following is the BEST explanation that describes this scenario?

A. Compromised system
B. Smurf attack
C. SQL injection attack
D. Man-in-the-middle

Correct Answer: A

Explanation:
As the extra unexplainable traffic comes from an internal host on your network we can assume that this host has been compromised.
If your system has been compromised, somebody is probably using your machine–possibly to scan and find other machines to compromise