1.3 Examples Flashcards

1
Q

An attacker can use Javascript w/a vulnerable website to gather info from your computer w/o you knowing

A

cross site scripting

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

the act of going around the website’s front end (where user’s interact with) to gain access to the data that’s in the datebase

A

SQL (structured query language)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Attacker attaches malicious ** to a running process, allocates memory with the running process, connects the ** within the allocated memory and then executes function within ***

A

Dynamic Link Library (DLL)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

transfers data between two devices

A

XML (extensible markup language)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

If an application doesn’t catch an error, it often provides debugging into that attackers can use against the app

A

Error Handling

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

buffer overflows, XSS (cross-site scripting), directory traversal, null byte injection, SQL injection, uncontrolled format string

A

Improper Input Handling

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

when an attacker can control the 3rd party service URL to which the web application makes a request

A

Cross-Site Request Forgery (XSRF or CSRF)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

https://google.com (secure)
to
http://google.com (unsecure)

A

Secure Sockets Layer (SSL)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Windows 10 being compatible w/Windows 8 once switching comp mode

A

Shimming

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

uses port 389

A

LDAP (lightweight directory access protocol)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly