1300 Flashcards
What is unique about a cross-site scripting (XSS) attack compared to other injection attacks? A. SQL code is used in an XSS attack B. XSS requires the use of a browser C. XSS does not attack the Web application server to steal or corrupt its information D. XSS attacks are rarely used anymore compared to other injection attacks
C. XSS does not attack the Web application server to steal or corrupt its information
Each of the following can be used in an XSS attack except __________. A. HTML B. JavaScript C. Adobe Flash D. ICMP
D. ICMP
A cookie that was not created by the Web site being viewed is called a __________. A. first-party cookie B. second-party cookie C. third-party cookie D. fourth-party cookie
C. third-party cookie
The basis of a SQL injection attack is __________. A. to inject SQL statements through unfiltered user input B. to have the SQL server attack client Web browsers C. to link SQL servers into a botnet D. to expose SQL code so that it can be examined
A. to inject SQL statements through unfiltered user input
Which of the following cannot be performed through a successful SQL injection attack? A. Display a list of customer telephone numbers B. Discover the names of different fields in a table C. Erase a database table D. Reformat the Web application server’s hard drive
D. Reformat the Web application server’s hard drive
A markup language that is designed to carry data is __________. A. ICMP B. HTTP C. HTML D. XML
D. XML
When an attacker can access files in directories other than the root directory, this is known as a(n) __________ attack. A. Command injection B. Directory traversal C. SQL injection D. XML injection
B. Directory traversal
A(n) __________ attack modifies the fields that contain the different characteristics of the data that is being transmitted. A. HTML packet B. SQL injection C. XML manipulation D. HTTP header
D. HTTP header
Which of the following cookies only lasts for the duration of visiting the Web site? A. Session B. Persistent C. Temporary D. RAM
A. Session
What is a session token? A. A random string assigned by a Web server B. The same as a third-party cookie C. A unique identifier that includes the user’s e-mail address D. XML code used in an XML injection attack
A. A random string assigned by a Web server
Which of the following is not a security concern of the ActiveX add-on? A. The person who signed the control may not have properly assessed the control’s safety B. A malicious ActiveX control can affect all users of that computer C. ActiveX can be integrated with JavaScript D. ActiveX does not have safeguards and has full access to the Windows operating system
C. ActiveX can be integrated with JavaScript
Which of the following is not a DoS attack? A. Ping flood B. SYN flood C. Push flood D. Smurf
C. Push flood
What type of attack intercepts legitimate communication and forges a fictitious response to the sender? A. Man-in-the-Middle B. Interceptor C. SQL intrusion D. SIDS
A. Man-in-the-Middle
A replay attack __________. A. makes a copy of the transmission for use at a later time B. replays the attack over and over to flood the server C. can be prevented by patching the Web server D. is considered to be a type of DoS attack
A. makes a copy of the transmission for use at a later time
___________ is used to discover the MAC address of a client based on its IP address. A. Ping B. ICMP C. DNS D. ARP
D. ARP
DNS poisoning __________. A. is rarely found today due to the use of host tables B. can attack an external DNS server C. is the same as ARP poisoning D. floods a DNS server with requests until it can no longer respond
B. can attack an external DNS server
__________ involves using a third party to gain access rights. A. Transitive access B. Privilege escalation C. Active Rights Scaling (ARS) D. Directory traversal
A. Transitive access
The monetary loss that can be expected for an asset due to a risk over a one-year period.
Annualized Loss Expectancy (ALE)
The probability that a risk will occur in a particular year.
Annualized Rate of Occurrence (ARO)
The process of defining a collection of hardware and software components along with their interfaces in order to create the framework for software development.
Architectural Design
The code that can be executed by unauthorized users in a software program.
Attack Surface
A comparison of the present state of a system compared to its baseline.
Baseline Reporting
A test in which the tester has no prior knowledge of the network infrastructure that is being tested.
Black Box
Presenting the code to multiple reviewers in order to reach agreement about its security.
Code Review
An analysis of the design of a software program by key personnel from different levels of the project.
Design Review
The proportion of an asset’s value that is likely to be destroyed by a particular risk (expressed as a percentage).
Exposure Factor (EF)
A control that errs on the side of permissiveness in the event of a failure.
Fail-Open
A control that errs on the side of security in the event of a failure.
Fail-Safe (Fail-Secure)
A test where some limited information has been provided to the tester.
Gray Box
The process of eliminating as many security risks as possible and making the system more secure.
Hardening
A network set up with intentional vulnerabilities.
Honeynet
A computer typically located in an area with limited security and loaded with software and data files that appear to be authentic, yet are actually imitations of real data files, in order to trick attackers into revealing their attack techniques.
Honeypot
A test by an outsider to actually exploit any weaknesses in systems that are vulnerable.
Penetration Testing
Software to search a system for any port vulnerabilities.
Port Scanner
Hardware or software that captures packets to decode and analyze the contents.
Protocol Analyzer (Sniffer)
The expected monetary loss every time a risk occurs.
Single Loss Expectancy (SLE)
A systematic and methodical evaluation of the exposure of assets to attackers, forces of nature, or any other entity that is a potential source of harm.
Vulnerability Assessment
An automated software search through a system for any known security weaknesses that then creates a report of those potential exposures.
Vulnerability Scan
A test where the tester has in-depth knowledge of the network and systems being tested, including network diagrams, IP addresses, and even the source code of custom applications.
White Box
Sending a packet with every option turned on for whatever protocol is in use, in order to observe how a host responds.
Xmas Tree Port Scan