4 Flashcards
Which of the following enables the exchange of information between computer programs?
**API**
API stands for Application Programming Interface. In the context of APIs, the word Application refers to any software with a distinct function. Interface can be thought of as a contract of service between two applications. This contract defines how the two communicate with each other using requests and responses.
What is the purpose of a DoS attack?
Resource exhaustion
A situation in which an application fails to properly release memory allocated to it or continually requests more memory than required is known as:
Memory leak
SSL stripping is an example of:
- Downgrade attack
- On-path attack
Which of the following alters the external behavior of an application and at the same time does not introduce any changes to the application’s code?
Shimming
The practice of modifying an application’s code without changing its external behavior is referred to as:
**Refactoring**
Refactoring is the process of restructuring code, while not changing its original functionality. The goal of refactoring is to improve internal code by making many small changes without altering the code’s external behavior.
Which of the following terms refer to software/hardware driver manipulation techniques? (Select 2 answers)
- Refactoring
- Shimming
A technique that allows an attacker to authenticate to a remote server without extracting the cleartext password from a digest is called:
Pass the hash
The term “Evil twin” refers to a rogue Wireless Access Point (WAP) set up for eavesdropping or stealing sensitive user data. An evil twin replaces the legitimate access point and, by advertising its own presence with the same Service Set Identifier (SSID, a.k.a. network name), appears as a legitimate access point to connecting hosts.
True
Gaining unauthorized access to a Bluetooth device is referred to as:
**Bluesnarfing**
Bluesnarfing is a hacking technique in which a hacker accesses a wireless device through a Bluetooth connection. It happens without the device user’s permission and often results in the theft of information or some other kind of damage to the device (and user).
The practice of sending unsolicited messages over Bluetooth is known as:
**Bluejacking**
Bluejacking is an attack in which someone sends unsolicited messages to a Bluetooth-enabled device. The target must be within their Bluetooth range for the attack to work.
A wireless disassociation attack is a type of:
- Deauthentication attack
- Denial-of-Service (DoS) attack
A wireless jamming attack is a type of:
Denial-of-Service (DoS) attack
Which of the following wireless technologies enables identification and tracking of tags attached to objects?
**RFID**
Radio Frequency Identification (RFID) refers to a wireless system comprised of two components: tags and readers.
A type of identification badge that can be held within a certain distance of a reader device to authenticate its holder is called:
RFID badge