In an “old school” attack, which step is a listing of the systems and vulnerabilities to build an attack game plan.

Which term refers to the process of checking whether the program specification captures the requirements from the customer?

Which attack works on both SSL and TLS by transparently converting the secure HTTPS connection into a plain HTTP connection, removing the transport layer encryption protections?

What tool is the protocol/standard for the collection of network metadata on the flows of network traffic?

__________ is a branch of digital forensics dealing with identifying, managing, and preserving digital information that is subject to legal hold.

Which term describes a proactive plan for personnel substitutions in the event that the primary person is not available to fulfill their assigned duties?

In which step of the general risk management model do you determine which controls to put in place to mitigate the risks?

What is a good way to reduce the chance of a successful social engineering attack?

In which phase of the secure development lifecycle model would you employ use cases?

Bob gets an e-mail addressed from his bank, asking for his user ID and password. He then notices that the e-mail has poor grammar and incorrect spelling. He calls up his bank to ask if they sent the e-mail, and they promptly tell him they did not and would not ask for that kind of information. What is this type of attack called?