1300 Flashcards

1
Q

What is unique about a cross-site scripting (XSS) attack compared to other injection attacks? A. SQL code is used in an XSS attack B. XSS requires the use of a browser C. XSS does not attack the Web application server to steal or corrupt its information D. XSS attacks are rarely used anymore compared to other injection attacks

A

C. XSS does not attack the Web application server to steal or corrupt its information

2
Q

Each of the following can be used in an XSS attack except __________. A. HTML B. JavaScript C. Adobe Flash D. ICMP

A

D. ICMP

3
Q

A cookie that was not created by the Web site being viewed is called a __________. A. first-party cookie B. second-party cookie C. third-party cookie D. fourth-party cookie

A

C. third-party cookie

4
Q

The basis of a SQL injection attack is __________. A. to inject SQL statements through unfiltered user input B. to have the SQL server attack client Web browsers C. to link SQL servers into a botnet D. to expose SQL code so that it can be examined.

A

A. to inject SQL statements through unfiltered user input

5
Q

Which of the following cannot be performed through a successful SQL injection attack? A. Display a list of customer telephone numbers B. Discover the names of different fields in a table C. Erase a database table D. Reformat the Web application server’s hard drive

A

D. Reformat the Web application server’s hard drive

6
Q

A markup language that is designed to carry data is __________. A. ICMP B. HTTP C. HTML D. XML

A

D. XML

7
Q

When an attacker can access files in directories other than the root directory, this is known as a(n) __________ attack. A. Command injection B. Directory traversal C. SQL injection D. XML injection

A

B. Directory traversal

8
Q

A(n) __________ attack modifies the fields that contain the different characteristics of the data that is being transmitted. A. HTML packet B. SQL injection C. XML manipulation D. HTTP header

A

D. HTTP header

9
Q

Which of the following cookies only lasts for the duration of visiting the Web site? A. Session B. Persistent C. Temporary D. RAM

A

A. Session

10
Q

What is a session token? A. A random string assigned by a Web server B. The same as third-party cookie C. A unique identifier that includes the user’s e-mail address D. XML code used in an XML injection attack

A

A. A random string assigned by a Web server

11
Q

Which of the following is not a security concern of the ActiveX add-on? A. the person who signed the control may not have properly assessed the control’s safety. B. A malicious ActiveX control can affect all users of that computer. C. ActiveX can be integrated with JavaScript D. ActiveX does not have safeguards and has full access to the Windows operating system

A

C. ActiveX can be integrated with JavaScript

12
Q

Which of the following is not a DoS attack? A. Ping flood B. SYN flood C. Push flood D. Smurf

A

C. Push flood

13
Q

What type of attack intercepts legitimate communication and forges a fictitious response to the sender? A. Man-in-the-Middle B. Interceptor C. SQL intrusion D. SIDS

A

A. Man-in-the-Middle

14
Q

A replay attack __________. A. makes a copy of the transmission for use at a later time B. replays the attack over and over to flood the server C. can be prevented by patching the Web server D. is considered to be a type of DoS attack

A

A. makes a copy of the transmission for use at a later time

15
Q

___________ is used to discover the MAC address of a client based on its IP address. A. Ping B. ICMP C. DNS D. ARP

A

D. ARP

16
Q

DNS poisoning __________. A. is rarely found today due to the use of host tables B. can attack an external DNS server C. is the same as ARP poisoning D. floods a DNS server with requests until it can no longer respond

A

B. can attack an external DNS server

17
Q

__________ involves using a third party to gain access rights. A. Transitive access B. Privilege escalation C. Active Rights Scaling (ARS) D. Directory traversal

A

A. Transitive access

18
Q

The monetary loss that can be expected for an asset due to a risk over a one-year period.

A

Annualized Loss Expectancy (ALE)

19
Q

The probability that a risk will occur in a particular year.

A

Annualized Rate of Occurrence (ARO)

20
Q

The process of defining a collection of hardware and software components along with their interfaces in order to create the framework for software development.

A

Architectural Design

21
Q

The code that can be executed by unauthorized users in a software program.

A

Attack Surface

22
Q

A comparison of the present state of a system compared to its baseline.

A

Baseline Reporting

23
Q

A test in which the tester has no prior knowledge of the network infrastructure that is being tested.

A

Black Box

24
Q

Presenting the code to multiple reviewers in order to reach agreement about its security.

A

Code Review

25
Q

An analysis of the design of a software program by key personnel from different levels of the project.

A

Design Review

26
Q

The proportion of an asset’s value that is likely to be destroyed by a particular risk (expressed as a percentage).

A

Exposure Factor (EF)

27
Q

A control that errs on the side of permissiveness in the event of a failure.

A

Fail-Open

28
Q

A control that errs on the side of security in the event of a failure.

A

Fail-Safe (Fail-Secure)

29
Q

A test where some limited information has been provided to the tester.

A

Gray Box

30
Q

The process of eliminating as many security risks as possible and making the system more secure.

A

Hardening

31
Q

A network set up with intentional vulnerabilities.

A

Honeynet

32
Q

A computer typically located in an area with limited security and loaded with software and data files that appear to be authentic, yet are actually imitations of real data files, to trick attackers into revealing their attack techniques.

A

Honeypot

33
Q

A test by an outsider to actually exploit any weaknesses in systems that are vulnerable.

A

Penetration Testing

34
Q

Software to search a system for any port vulnerabilities.

A

Port Scanner

35
Q

Hardware or software that captures packets to decode and analyze the contents.

A

Protocol Analyzer (Sniffer)

36
Q

The expected monetary loss every time a risk occurs.

A

Single Loss Expectancy (SLE)

37
Q

A systematic and methodical evaluation of the exposure of assets to attackers, forces of nature, or any other entity that is a potential harm.

A

Vulnerability Assessment

38
Q

An automated software search through a system for any known security weaknesses that then creates a report of those potential exposures.

A

Vulnerability Scan

39
Q

A test where the tester has an in-depth knowledge of the network and systems being tested, including network diagrams, IP addresses, and even the source code of custom applications.

A

White Box

40
Q

Sending a packet with every option set on for whatever protocol is in use to observe how a host responds.

A

Xmas Tree Port Scan

41
Q

A __________ is a systematic and methodical evaluation of the exposure of assets to attackers, forces of nature, or any other entity that is a potential harm. A. penetration testing B. vulnerability scan C. vulnerability assessment D. risk appraisal (RAP)

A

C. Vulnerability assessment

42
Q

Each of the following can be classified as an asset except __________. A. business partners B. buildings C. employee databases D. accounts payable

A

D. Accounts payable

43
Q

Each of the following is a step in risk management except __________. A. attack assessment B. vulnerability appraisal C. threat evaluation D. risk mitigation

A

A. Attack assessment

44
Q

Which of the following is true regarding vulnerability appraisal? A. Vulnerability appraisal is always the easiest and quickest step B. Every asset must be viewed in light of each threat C. Each threat could reveal multiple vulnerabilities D. Each vulnerability should be cataloged.

A

A. Vulnerability appraisal is always the easiest and quickest step

45
Q

__________ constructs scenarios of the types of threats that assets can face in order to learn who the attackers are, why they attack, and what types of attacks may occur. A. vulnerability prototyping B. risk assessment C. attack assessment D. threat modeling

A

D. threat modeling

46
Q

What is a current snapshot of the security of an organization? A. vulnerability appraisal B. risk evaluation C. threat mitigation D. liability reporting

A

A. vulnerability appraisal

47
Q

The __________ is the proportion of an asset’s value that is likely to be destroyed by a particular risk. A. Exposure Factor (EF) B. Single Loss Expectancy (SLE) C. Annualized Rate of Occurrence (ARO) D. Annualized Loss Expectancy (ALE)

A

A. Exposure Factor (EF)

48
Q

Which of the following is NOT an option for dealing with risk? A. eliminate the risk B. accept the risk C. diminish the risk D. transfer the risk

A

A. Eliminate the risk

49
Q

__________ is a comparison of the present security state of a system compared to a standard established by the organization. A. risk mitigation B. baseline reporting C. Comparative Resource Appraisal (CRA) D. Horizontal comparables

A

B. Baseline reporting

50
Q

Each of the following is a state of a port that can be returned by a port scanner except: A. open B. busy C. blocked D. closed

A

B. busy

51
Q

Each of the following is true regarding TCP SYN port scanning except __________. A. it uses FIN messages that can pass through firewalls and avoid detection B. instead of using the operating system’s network functions, the port scanner generates IP packets itself and monitors for responses C. the scanner host closes the connection before the handshake is completed D. this scan type is also known as “half-open scanning” because it never actually opens a full TCP connection

A

A. it uses FIN messages that can pass through firewalls and avoid detection

52
Q

The protocol File Transfer Protocol (FTP) uses which two ports? A. 10 and 20 B. 20 and 21 C. 21 and 22 D. 22 and 23

A

B. 20 and 21

53
Q

A protocol analyzer places the computer’s network interface card (NIC) adapter into __________ mode. A. promiscuous B. full C. view D. real

A

A. promiscuous

54
Q

Each of the following is a function of a vulnerability scanner except ___________. A. detect which ports are served and which ports are browsed for each individual system. B. alert users when a new patch cannot be found C. maintain a log of all interactive network sessions D. detect when an application is compromised

A

B. alert users when a new patch cannot be found

55
Q

Which of the following is true of the Open Vulnerability and Assessment Language (OVAL)? A. it only functions on Linux-based computers B. it attempts to standardize vulnerability assessments C. it has been replaced by XML D. it is a European standard and is not used in the Americas

A

B. It attempts to standardize vulnerability assessments

56
Q

Which of the following is not true regarding a honeypot? A. it is typically located in an area with limited security B. it contains real data files because attackers can easily identify fake files C. it cannot be part of a honeynet D. it can direct an attacker’s attention away from legitimate servers

A

C. It cannot be part of a honeynet

57
Q

Which of the following is true of vulnerability scanning? A. it uses automated software to scan for vulnerabilities B. the testers are always outside of the security perimeter C. it may disrupt the operation of the network or systems D. it produces a short report of the attack methods and value of the exploited data

A

A. it uses automated software to scan for vulnerabilities

58
Q

If a tester is given the IP addresses, network diagrams, and source code of custom applications, then she is using which technique? A. black box B. white box C. gray box D. blue box

A

B. White box

59
Q

If a software application aborts and leaves the program open, which control structure is it using? A. Fail-safe B. Fail-secure C. Fail-open D. Fail-right

A

C. Fail-open

60
Q

A record or list of individuals who have permission to enter a secure area, the time that they entered, and the time they left the area.

A

Access List

61
Q

A log that can provide details regarding requests for specific files on a system.

A

Access Log

62
Q

Software that helps prevent computers from becoming infected by different types of spyware.

A

Anti-Spyware

63
Q

Software that can examine a computer for any infections as well as monitor computer activity and scan new documents that might contain a virus.

A

Anti-Virus (AV)

64
Q

A log that can track user authentication attempts.

A

Audit Log

65
Q

Logs that are the second most common type of security-related operating system logs.

A

Audit Records

66
Q

Spam filtering software that analyzes the contents of every word in an e-mail and determines how frequently a word occurs in order to determine if it is spam.

A

Bayesian Filtering

67
Q

A device that can be inserted into the security slot of a portable device and rotated so that the cable lock is secured to the device to prevent it from being stolen.

A

Cable Lock

68
Q

Using video cameras to transmit a signal to a specific and limited set of receivers used for surveillance in areas that require security monitoring.

A

Closed-Circuit Television (CCTV)

69
Q

An attack that uses the user’s Web browser settings to impersonate the user.

A

Cross-Site Request Forgery (XSRF)

70
Q

A system that can identify critical data, monitor how it is being accessed, and protect it from unauthorized users.

A

Data Loss Prevention (DLP)

71
Q

A door lock that extends a solid metal bar into the door frame for extra security.

A

Deadbolt Lock

72
Q

Faults in a program that occur while the application is running.

A

Errors (Exceptions)

73
Q

Logs that can document any unsuccessful events and the most significant successful events.

A

Event Logs

74
Q

Securing a restricted area by erecting a barrier.

A

Fencing

75
Q

Hardware or software that is designed to prevent malicious packets from entering or leaving computers.

A

Firewall (Packet Filter)

76
Q

A software testing technique that deliberately provides invalid, unexpected, or random data as inputs to a computer program.

A

Fuzz Testing (Fuzzing)

77
Q

Using the Global Positioning System (GPS) to detect the location of a portable device.

A

GPS Tracking

78
Q

Creating a virtualized environment to simulate the central processing unit (CPU) and memory of the computer to check for the presence of a virus.

A

Heuristic Detection

79
Q

A firewall that runs as a program on a local system to protect it against attacks.

A

Host-Based Software Firewall

80
Q

Software that addresses a specific customer situation and often may not be distributed outside that customer’s organization.

A

Hotfix

81
Q

Verifying a user’s input to an application.

A

Input Validation

82
Q

A secure storage unit that can be used for storing portable devices.

A

Locking Cabinet

83
Q

A record of events that occur.

A

Log

84
Q

A device that monitors and controls two interlocking doors to a small room (a vestibule), designed to separate secure and non-secure areas.

A

Mantrap

85
Q

A general software security update intended to cover vulnerabilities that have been discovered.

A

Patch

86
Q

Either a program or a feature incorporated within a browser that stops pop-up advertisements from appearing.

A

Pop-Up Blocker

87
Q

A device that detects an emitted signal in order to identify the owner.

A

Proximity Reader

88
Q

A technology that can remotely erase data from a portable device and reset it to its default factory settings.

A

Remote Wipe/Sanitation

89
Q

A ruggedized steel box with a lock.

A

Safe

90
Q

Logs that are considered the primary source of log data.

A

Security Logs

91
Q

A document or series of documents that clearly defines the defense mechanisms an organization will employ to keep information secure.

A

Security Policy

92
Q

Software that is a cumulative package of all security updates plus additional features.

A

Service Pack

93
Q

A sequence of bytes (a string) found in the virus as a virus signature.

A

Signature File

94
Q

Using encryption to mask the content of voice communication.

A

Voice Encryption

95
Q

Heuristic detection is also known as __________.

A

Code Emulation

96
Q

This AV software technique extracts a sequence of bytes (a string) found in the virus as the virus signature and scans the computer looking for a match.

A

String Scanning

97
Q

This type of scanning allows skipped bytes or ranges of bytes as it looks for a match.

A

Wildcard Scanning

98
Q

This type of scanning allows a set number of bytes in the string to be any value, regardless of their position in the string, while still looking for a match.

A

Mismatch Scanning

99
Q

The residential lock most often used for keeping out intruders is the __________. A. privacy lock B. passage lock C. keyed entry lock D. encrypted key lock

A

C. keyed entry lock

100
Q

A lock that extends a solid metal bar into the door frame for extra security is the ____________. A. deadman’s lock B. full bar lock C. deadbolt lock D. triple bar lock

A

C. deadbolt lock