1.3 Given a scenario, analyze potential indicators associated with application attacks

Question 1

Privilege Escalation

Answer 1

Gain higher-level access to a system

Question 2

Privilege Escalation

Answer 2

When a user grants themselves HIGHER security privileges than they are supposed to have

Question 3

Cross-site Scripting (XSS)

Answer 3

A type of injection, in which malicious scripts are injected into otherwise benign and trusted websites.

Question 4

Cross-site request forgery (XSRF or CSRF)

Answer 4

exploits trust that a user has in a website to execute code on
the user’s computer.

Question 5

Dynamic-link library (DLL)

Answer 5

Attacker injects a code and the application runs it for the attacker

Question 6

Lightweight Directory Access Protocol (LDAP)

Answer 6

This can occur when the user’s input is not properly filtered, and the result can be executed commands, modified content, or results returned to unauthorized queries.

Question 7

Extensible Markup Language (XML)

Answer 7

when users enter values that query XML (known as XPath) with values that take advantage of exploits, it is known as an XML injection attack.

Question 8

SQL injection attacks

Answer 8

“1+1” input on a web app
Use unexpected input to a web application to gain
unauthorized access to an underlying database.

Question 9

Point/Object Deference

Answer 9

An attack that consists of finding null references in a target program
and dereferencing them, causing an exception to be generated.

Question 10

Directory Traversal

Answer 10

If an attacker is able to gain access to restricted directories through
HTTP

Question 11

Buffer Overflow

Answer 11

appropriate size (allows Input that is too large can “overflow” memory buffer).

Question 12

Race Conditions

Answer 12

A condition where the system’s behavior is dependent on the
sequence or timing of other uncontrollable events

Question 13

Error Handling

Answer 13

the user will simply see an error message box

Question 14

Replay Attack

Answer 14

an attempt to reuse authentication
requests.

Question 15

Session Replay

Answer 15

an attacker steals a valid session ID of a
user and reuses it to impersonate an

Question 16

Integer Overflow

Answer 16

A type of arithmetic overflow error when the result of an integer operation does not fit within the allocated memory space.

Question 17

resource exhaustion

Answer 17

When an application continuously allocates additional resources,
exhausting machine resources, leading the system to hang or crash.

Question 18

Application
programming interface (API)

Answer 18

Attempts to manipulate the application
programming interface (API)

Question 19

Memory Leak

Answer 19

Memory leaks are usually caused by failure to deallocate
memory that has been allocated.

Question 20

secure sockets layer (ssl) stripping

Answer 20

A technique by which a website is downgraded from https to http

Question 21

Shimming

Answer 21

A
shim is a small library that is created to intercept API calls transparently and

Question 22

Refactoring

Answer 22

The name given to a set of techniques used to identify the flow and then modify
the internal structure of code without changing the code’s visible behavior.

Question 23

Pass the Hash

Answer 23

a technique whereby an attacker captures a password hash (as opposed to the
password characters) and then passes it through for authentication and lateral access

Question 24

Non-persistent XSS Attack

Answer 24

Scripts ran through a search box and is started by a a user CLICKING a EMAIL.

Question 25

Persistent XXS attack

Answer 25

Attacker makes a post with a malicious/script and anyone that clicks or visits the page are a victim

Question 26

Persistent XXS attack

Answer 26

Attacker makes a post with a malicious/script and anyone that clicks or visits the page are a victim