1.3

Question 1

Privilege Escalation

Answer 1

The process of exploiting a vulnerability in a system to gain access to higher-level privileges than those initially granted. This can allow an attacker to gain access to sensitive information or perform unauthorized actions on a system.

Question 2

Cross-Site Scripting (XSS)

Answer 2

An attack in which an attacker injects malicious code (usually in the form of a script) into a web page viewed by other users. The script can then execute in the victim’s browser, allowing the attacker to steal sensitive data or take control of the victim’s account.

Question 3

SQL Injection

Answer 3

An attack in which an attacker injects malicious SQL code into a database query in order to manipulate the database in unintended ways. This can allow an attacker to gain unauthorized access to data or execute arbitrary code on the system.

Question 4

DLL Injection

Answer 4

A technique in which an attacker injects malicious code into a running process by loading a malicious dynamic-link library (DLL). This can allow an attacker to execute arbitrary code in the context of the running process.

Question 5

Lightweight Directory Access Protocol (LDAP) Injection

Answer 5

A type of injection attack in which an attacker injects malicious input into an LDAP query in order to manipulate the results returned by the query. This can allow an attacker to gain unauthorized access to data or execute arbitrary code on the system.

Question 6

XML Injection

Answer 6

An attack in which an attacker injects malicious XML code into an XML document in order to manipulate the way the document is processed. This can allow an attacker to gain unauthorized access to data or execute arbitrary code on the system.

Question 7

Pointer/Object Dereference

Answer 7

A vulnerability in which a program accesses a memory location based on a pointer that has not been properly initialized, or that has been freed or deleted. This can cause the program to crash or execute arbitrary code.

Question 8

Directory Traversal

Answer 8

An attack in which an attacker exploits a vulnerability in a web application to access files outside the web root directory. This can allow an attacker to gain unauthorized access to sensitive files on the system.

Question 9

Buffer Overflow

Answer 9

An attack in which an attacker exploits a vulnerability in a program that allows them to overwrite the memory beyond the boundaries of a buffer. This can allow an attacker to execute arbitrary code on the system or cause it to crash.

Question 10

Race Condition - Time of Check/Time of Use

Answer 10

A type of vulnerability that occurs when a program assumes that a particular resource will remain in a certain state between the time it is checked and the time it is used, but the resource is actually modified by another process during that time. This can allow an attacker to manipulate the resource in unintended ways or execute arbitrary code on the system.

Question 11

Error Handling

Answer 11

The process of detecting, reporting, and resolving errors that occur during the execution of a program. Proper error handling can prevent crashes and other unexpected behavior, and can also help to prevent security vulnerabilities by catching potential issues before they can be exploited.

Question 12

Improper Input Handling

Answer 12

A vulnerability in which a program fails to properly validate or sanitize input from external sources, such as user input. This can allow an attacker to inject malicious code or execute arbitrary commands on the system. Proper input handling can prevent these types of attacks.

Question 13

Replay Attack - Session Replay

Answer 13

An attack in which an attacker intercepts and replays a network communication between two parties. This can allow the attacker to gain unauthorized access to data or perform actions on the system that they are not authorized to do. Proper authentication mechanisms and encryption can prevent replay attacks.

Question 14

Integer Overflow

Answer 14

A vulnerability in which a program attempts to store a value that is too large to be represented by the data type used to store it. This can cause the program to behave in unexpected ways, potentially allowing an attacker to execute arbitrary code on the system. Proper data validation and input handling can prevent integer overflows.

Question 15

Request Forgery

Answer 15

A type of attack in which an attacker tricks a user into unknowingly executing a malicious action on a web application, often by crafting a specially-crafted URL or form that appears to be legitimate.

Question 16

API Attacks

Answer 16

An attack in which an attacker exploits vulnerabilities in an application programming interface (API) to gain unauthorized access to data or execute arbitrary code on the system. API attacks can include SQL injection, buffer overflow, and other types of attacks. Proper API design and security measures can help prevent these types of attacks.

Question 17

Resource Exhaustion

Answer 17

A type of denial-of-service (DoS) attack in which an attacker consumes system resources (such as CPU, memory, or network bandwidth) in order to make a system unavailable to legitimate users. This can cause a system to crash or become unresponsive. Proper resource management and monitoring can help prevent resource exhaustion attacks.

Question 18

Memory Leak

Answer 18

A type of vulnerability in which a program fails to release memory that is no longer needed, causing the program to consume more and more memory over time. This can eventually cause the program to crash or become unresponsive. Proper memory management can prevent memory leaks.

Question 19

SSL Stripping

Answer 19

A type of attack in which an attacker intercepts communication between two parties and downgrades the encryption used to secure the communication. This can allow the attacker to intercept and read sensitive data transmitted between the parties. Proper encryption protocols and security measures can prevent SSL stripping.

Question 20

Driver Manipulation

Answer 20

A technique in which an attacker modifies or replaces a device driver in order to execute malicious code on the system. Shimming and refactoring are two common methods used to achieve driver manipulation. Proper driver signing and security measures can prevent driver manipulation attacks.

Question 21

Pass the Hash

Answer 21

An attack in which an attacker steals the hashed password of a user and uses it to authenticate themselves as that user. This can allow the attacker to gain unauthorized access to data or perform actions on the system that they are not authorized to do. Proper authentication mechanisms and

Question 22

Cross-site request forgery (CSRF)

Answer 22

is a type of attack in which an attacker tricks a user into performing an action on a web application without their knowledge or consent. The attack works by exploiting the user’s existing authenticated session with the application, typically through a specially crafted link or form on a different website or web page.

Question 23

Server-side request forgery (SSRF)

Answer 23

is a type of web application vulnerability in which an attacker can send arbitrary requests from a vulnerable server. The attack works by exploiting the functionality of the application to make requests to other servers, typically by tricking the application into treating the attacker’s input as a valid URL or IP address.