1.3 Application Attacks

Question 1

Priviledge Escalation

Answer 1

attacks seek to increase the level of access that an attacker has to a target system. They exploit vulnerabilities that allow the transformation of a normal user account into a more privileged account

Question 2

Cross-site scripting

Answer 2

These occur when web applications allow an attacker to perform HTML injection, inserting their own html code into a webpage.

Question 3

Injections

Answer 3

This is an attack that attackers use in order to break through a web application and gain access to the systems supporting that aplication

Question 4

SQL injection

Answer 4

An attacker is able to provide input to the web application and then monitor the output of that application to see the result.

Question 5

Dynamic link library

Answer 5

Malware triesd to inject code into the memory process space using a vulnerability.

Question 6

Lightweight directory access protocol

Answer 6

Users input is not properly filtered and the return can be executed commands etc.

Question 7

Extensible Markup Language (XML)

Answer 7

This is where attackers embed code in extensible markup language documents.

Question 8

Pointer/object dereference

Answer 8

These are simply an area of memory that stores an address of another location in memory

Question 9

Directory traversal

Answer 9

This is when a web server suffer from a security misconfiguration that allows users to navigate the directory structure and access files that should remain secure.

Question 10

Buffer overflows

Answer 10

These occur when an attacker manipulates a program into placing more data into an area of memory than is allocated for that program’s use.

Question 11

Time of check/time of use

Answer 11

This is a race condition that occurs when a program checks access permissions too far in advance of a resource request.

Question 12

Error handling

Answer 12

This is when developers of code step in and handle security risks before an attacker can do their attacking.

Question 13

Improper input handling

Answer 13

These can expose applications to injection attacks, XSS and other exploits.

Question 14

Replay attack

Answer 14

an attempt to reuse authentication requests

Question 15

Integer overflow

Answer 15

This is where the result of an arithmetic operation attempts to store an integer that is too large to fit into the specified buffer.

Question 16

Request forgeries

Answer 16

These exploit trust relationships and attempt to have users unwittingly execute commands against a remote server.

Question 17

server-side

Answer 17

These attacks trick a server into visiting a URL based on user-supplied input.

Question 18

cross-site

Question 19

Application programming interface (API) attacks

Answer 19

These allow anyone with knowledge of the API URL’s to modify a service. Make sure there is end to end encryption with API’s: HTTPS

Question 20

Resource exhaustion

Answer 20

Systems may consume all of the memory, storage, processing time, or other resources available to them, rendering the system disabled or crippled from other uses.

Question 21

Memory leak

Answer 21

This is when an application fails to return some memory that it no longer needs, perhaps by losing track of an object that it has written to a reserved area of memory.

Question 22

Secure Sockets Layer (SSL ) stripping

Question 23

Driver manipulation

Answer 23

When an attacker convinces a user to install a malicious driver on their computer, and then the attacker can gain complete control of the system

Question 24

Shimming

Answer 24

This takes a legit driver and wraps a malicious driver around the outside of it

Question 25

Refactoring

Answer 25

If an attacker has access to the driver’s source code, they can modify it to also include malware elements.

Question 26

Island hopping attack

Answer 26

Compromising vulnerable vendors in the supply chain and then attempt to attack the target organization.