Chapter 3 Flashcards

1
Q
What language below is used to view and manipulate data that is stored in a relational database?
A) C
B) DQL
C) SQL
D) ISL
A

SQL

2
Q
Which SQL statement represents a SQL injection attempt to determine the names of different fields in a database?
A) whatever AND email IS NULL; --
B) whatever; AND email IS NULL; --
C) whatever" AND email IS NULL; --
D) whatever' AND email IS NULL; --
A

whatever' AND email IS NULL; --

3
Q

Which SQL injection statement example below could be used to discover the name of the table?
A) whatever%20 AND 1=(SELECT COUNT(*) FROM tabname); --
B) whatever' AND 1=(SELECT COUNT(*) FROM tabname); --
C) whatever; AND 1=(SELECT COUNT(*) FROM tabname); --
D) whatever%; AND 1=(SELECT COUNT(*) FROM tabname); --

A

whatever' AND 1=(SELECT COUNT(*) FROM tabname); --

4
Q
Choose the SQL injection statement example below that could be used to find specific users:
A) whatever' OR full_name = '%Mia%'
B) whatever' OR full_name IS '%Mia%'
C) whatever' OR full_name LIKE '%Mia%'
D) whatever' OR full_name equals '%Mia%'
A

whatever' OR full_name LIKE '%Mia%'

5
Q
Which SQL injection statement can be used to erase an entire database table?
A) whatever'; DROP TABLE members;--
B) whatever'; DELETE TABLE members;--
C) whatever'; UPDATE TABLE members;--
D) whatever'; RENAME TABLE members;--
A

whatever'; DROP TABLE members;--

6
Q
HTML uses which option below within embedded brackets (< >) causing a web browser to display text in a specific format?
A) blocks
B) marks
C) taps
D) tags
A

tags

7
Q
What language below is designed to display data, with a primary focus on how the data looks?
A) XML
B) HTML
C) SGML
D) ISL
A

HTML

8
Q
What language below is for the transport and storage of data, with the focus on what data is?
A) XML
B) HTML
C) SGML
D) SML
A

XML

9
Q
To what specific directory are users generally restricted on a web server?
A) top
B) base
C) root
D) tap
A

root

10
Q
The default root directory of the Microsoft Internet Information Services (IIS) Web server is located at which directory below?
A) /var/www
B) C:\Inetpub\wwwroot
C) /var/html
D) C:\wwwroot
A

C:\Inetpub\wwwroot

11
Q
Select below the string of characters that can be used to traverse up one directory level from the root directory:
A) ;/
B) ./
C) %20/
D) ../
A

../

12
Q
Attacks that take place against web-based services are considered to be what type of attack?
A) client-side
B) hybrid
C) server-side
D) relationship
A

server-side

13
Q
A user has become compromised as a result of visiting a specific web page, without clicking on any kind of content. What type of attack has occurred?
A) buffer overflow
B) drive-by-download
C) denial of service
D) stack underflow
A

drive-by-download

14
Q
What portion of the HTTP packet consists of fields that contain information about the characteristics of the data being transmitted?
A) HTTP header
B) HTML header
C) XML header
D) SSL header
A

HTTP header

15
Q
An attack in which the attacker attempts to impersonate the user by using his or her session token is known as:
A) Session replay
B) Session spoofing
C) Session hijacking
D) Session blocking
A

Session hijacking

16
Q
Which type of attack below is similar to a passive man-in-the-middle attack?
A) replay
B) hijacking
C) denial
D) buffer overflow
A

replay

17
Q
When TCP/IP was developed, the host table concept was expanded into a hierarchical name system for matching computer names and numbers using this service:
A) HTTP
B) NSDB
C) URNS
D) DNS
A

DNS

18
Q
How can an attacker substitute a DNS address so that a computer is automatically redirected to another device?
A) DNS poisoning
B) Phishing
C) DNS marking
D) DNS overloading
A

A) DNS poisoning

19
Q
The exchange of information among DNS servers regarding configured zones is known as:
A) resource request
B) zone disarticulation
C) zone transfer
D) zone removal
A

zone transfer

20
Q
On a compromised computer, you have found that a user without administrative privileges was able to perform a task limited to only administrative accounts. What type of exploit has occurred?
A) Privilege escalation
B) DNS cache poisoning
C) ARP poisoning
D) Man-in-the-middle
A

Privilege escalation