ch 5

Question 1

Three most common attacks are
Man in the middle
Man in the browser
Replay attacks what are these classified as?

Answer 1

Interception attacks

Question 2

Two computers are sending and receiving data with a computer between them.

Answer 2

(MITM) Man in the middle

Question 3

Occurs between a browser and the underlying computer.

Usually begins with a Trojan infecting the computer and installing an “extension” into the browser configuration.

Answer 3

(MITB) man in the browser

Question 4

attacker makes a copy of transmission before sending it to the original recipient.
Preventing replay attacks, both sides can communicate and negotiate a random key. Use timestamps in all messages and reject all message that fall outside of the time.

Answer 4

Replay

Question 5

The act of introducing a substance that harms or destroys.

Three types of attacks that inject “poisoning”

Answer 5

Poisoning

Question 6

Address resolution protocol, if the IP address for a device is known but the MAC address is not, the sending computer sends the ARP packet to determine the MAC address.
Relies upon Mac Spoofing

Answer 6

ARP Poisoning

Question 7

Domain name system is the current basis for name resolution to the IP address.
Two locations for DNS poisoning / Local host table / external DNS server.

Answer 7

DNS poisoning

Question 8

exploiting a software vulnerability to gain access to resources that the user normally would be restricted from accessing.

Answer 8

Privilege Escalation

Question 9

when a lower privilege user access functions restricted to higher privilege users.

Answer 9

Vertical privilege escalation-

Question 10

User restricted privilege access different restricted functions of a similar user.

Answer 10

Horizontal privilege escalation

Question 11

Compromised server can provide threat actor’s with its privileged contents to provide an opening for attacking any of the devices that access that server.

Answer 11

Server attacks

Question 12

deliberate attempt to prevent authorized users from accessing a system by overwhelming it with requests.

Answer 12

(DoS) Denial of Service

Question 13

Using hundreds of thousands of devices flooding the server with requests.

Answer 13

(DDoS) distributed Denial of Service

Question 14

attack broadcasts a network request to all the computers on the network but changes the address from which the request come from IP Spoofing.

Answer 14

Smurf attack

Question 15

– floods victims by redirecting valid responses to it.

Answer 15

DNS amplified attack

Question 16

Takes advantage of procedures for initiating a session.

Answer 16

SYN flood attack

Question 17

– an attack that exploits previously unknown vulnerabilities, victims have not time to prepare for or defend against the attack.

Answer 17

Zero Day attack

Question 18

Threat actor takes advantage of web applications that accept user input without validating it before presenting it back to the user.

Answer 18

Cross- site Scripting (XSS) attack

Question 19

This attack uses the user’s web browser settings to impersonate that user.

Answer 19

(XSRF) Cross-site Request Forgery

Question 20

introduce new input to exploit a vulnerability.

Answer 20

Injection attacks

Question 21

used to view and manipulate data stored in relational database.

Answer 21

(SQL) Structured Query Language

Question 22

Several server attacks are the result of threat actors “commandeering” a technology and then using it for an attack.

Answer 22

Hijacking

Question 23

Attacker attempts to impersonate user by stealing or guessing session token.
An attacker can attempt to obtain attacks to obtain the session token.
By using XXS or other attacks in order to steal the session token from someone’s computer.

Answer 23

Session Hijacking

Question 24

Users are directed to a fake look alike site filled with ads for which the attacker receives money for traffic generated to the site.

Answer 24

URL Hijacking (also called Typo Squatting)

Question 25

Registering Domain names that are one bit different.

Answer 25

Bit squatting-

Question 26

Occurs when a domain pointer that links a domain name to a specific web server is changed by a threat actor.

Answer 26

Domain Hijacking

Question 27

Hijacking a mouse click, User tricked into clicking a link that is other that what is appears to be.

Answer 27

Clickjacking

Question 28

– Designed to “overflow” areas of memory with instructions from the attacker.

Answer 28

Overflow Attacks

Question 29

Occurs when a process attempts to store data in RAM beyond the boundaries of a fixed-length storage buffer.

Answer 29

Buffer Overflow attacks

Question 30

Result of an arithmetic operation exceeds the maximum size of the integer type used to store it.

Answer 30

Integer overflow

Question 31

An attacker changes the value of a variable to something put outside the range that the programmer had intended by using an integer overflow.

Answer 31

Integer overflow Attack

Question 32

Several attacks to use ads or manipulate the advertising system.

Answer 32

Advertising Attacks

Question 33

– Threat actors use third- party advertising networks to distribute malware to unsuspecting users who visit a well-known site.

Answer 33

malvertising

Question 34

Threat actors manipulate pre-roll ads to earn ad revenue that is directed back to them.

Answer 34

Ad Fraud

Question 35

Web browser additions have introduced vulnerabilities in browsers that access servers.

Answer 35

Browser vulnerabilities

Question 36

– Expand the normal capabilities of a web browser

Answer 36

Extensions

Question 37

Adds new Functionality to a web browser so users can play music, new videos, or display special graphical images (java, adobe Flash Player, Apple Quicktime, and Adobe acrobat reader)

Answer 37

Plug-in

Question 38

Add a Greater degree of functionality to the web browser.

Answer 38

Add-Ons

Question 39

what is

whatever’ AND email is NULL;–

Answer 39

determine the name of different fields in the database

Question 40

what is 
(whatever' AND 1=(select COUNT (*)FROM tabname);--)

Answer 40

discover the name of the table

Question 41

what is

whatever’ OR full name LIKE Mia)

Answer 41

find specific users

Question 42

what is

whatever’; DROP TABLE members; –

Answer 42

erase the database table

Question 43

whatever’; UPDATE members SET email= ‘attacker-email@evil.net’ WHERE email = ‘Mia@good.com

Answer 43

Mail password to attackers email account