Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

Security+ > Ch 5 Key Terms > Flashcards

Ch 5 Key Terms Flashcards

1
Q

introduce new input to exploit a vulnerability

injection attacks
ARP Poisoning
SQL injection
cross-site scripting (XSS)

A

injection attacks

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

imitates another computer’s IP address

IP spoofing
ARP Poisoning
MAC poisoning

A

IP spoofing

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

When the user is tricked into clicking a link that is other than what it appears to be

clickjacking
mousejacking
micejacking

A

clickjacking

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

uses the user’s web browser settings to impersonate that user

cross-site scripting (XSS)
cross-sit scripting (XSS)
clickjacking
cross-site request forgery (XSRF)

A

cross-site request forgery (XSRF)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Uses publicly accessible and open DNS servers to flood a system with DNS response traffic.

DNS attacks
cross-site scripting
DNS amplification attack
SQL injection

A

DNS amplification attack

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

a deliberate attempt to prevent authorized users from accessing a system

service of a denial
distributed deny of service
denial of service
distributed denial of service

A

denial of service

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

threat actor takes advantage of web applications that accept user input without validating it

URL hijacking
IP spoofing
cross-site request forgery (XSRF)
cross-site scripting (XSS)

A

cross-site scripting (XSS)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

targets SQL servers by introducing malicious commands into them

integer overflow attack
SQL injection
IP spoofing

A

SQL injection

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

to illegally seize or commandeer over something and use it for nefarious reasons

hijacking
Session hijacking
SQL injection
URL hijacking

A

hijacking

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

substitues a DNS address so that the computer is automatically redirected to another device

DNS Poisoning
DNS Attack
ARP Attack
ARP Poisoning

A

DNS Poisoning

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

an attack using scripting that originates on one site to impact another site (user computer)

cross-site request forgery (XSRF)
IP spoofing
URL hijacking
cross-site scripting (XSS)

A

cross-site scripting (XSS)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

to find the MAC address of another device based on the IP address

ARP
APR
PAR
AAR

A

ARP

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

a threat actor gains access to the domain control panel and redirects the registerd domain

domain hijacking
session hijacking
URL hijacking
DNS hijacking

A

domain hijacking

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

makes a copy of the legitimate transmission before sending it to the recipient

Replay
MITB
Repeated
MITM

A

Replay

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

when a domain pointer that links a domain name to a specific web server is changed

DNS poisoning
domain hijacking
DNS hijacking

A

domain hijacking

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

an attack in which an attacker attempts to impersonate the user by using her session token

integer overflow attack
session hijacking
IP spoofing
URL hijacking

A

session hijacking

17
Q

user is authenticated on website, tricked into loading a webpage, hacker inherits access

integer overflow attack
cross-site request forgery (XSRF)
buffer overflow attack
cross-site scripting (XSS)

A

cross-site request forgery (XSRF)

18
Q

changing the value of a variable to something outside the programmer’s range

SQL injection
buffer overflow attack
integer overflow attack

A

integer overflow attack

19
Q

imitating another computer by means of changing the MAC address

ARP spoofing
IP spoofing
MAC spoofing

A

MAC spoofing

20
Q

intercepts communication between parties to steal or manipulate the data

MITB
MIIB
MITM
Replay

A

MITB

21
Q

exploiting a vulnerability in software to gain higher level access to resources

Firesheep
Elevated user
Cache poisoning
Privilege escalation

A

Privilege escalation

22
Q

user makes a typing error when entering a uniform resource locator address in a web browser

typo squatting
URL hijacking
session hijacking

A

typo squatting

23
Q

atttackers purchase the domain names of sites that are spelled similarly to actual sites

URL hijacking
DNS hijacking
session hijacking

A

URL hijacking

24
Q

Uses publicly accessible and open DNS servers to flood a system with DNS response traffic

DNS amplification attack
SQL injection
injection attacks
cross-site scripting

A

DNS amplification attack

25
Q

names to IP addresses - matching computer names and numbers

distributed attribution
ARP
domain name resolution

A

domain name resolution

Security+ (17 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions