Chapter 3 Application Attack Indicators Flashcards

1
Q

What is Privilege escalation?

A

Exploits that allow an attacker to achieve higher levels of authority

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What is Cross-site scripting (XSS)?

A

Injecting malicious code into a web app where it can be executed

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What is a Non-persistent XSS attack?

A

The injected script is not persisted or stored but rather is immediately executed and passed back via the web server

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What is a Persistent XSS attack?

A

The script is permanently stored on the web server or some backend storage. This allows the script to be used against others who log in to the system

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What is a DOM-based XSS attack?

A

The script is executed in the browser via the Document Object Model (DOM) process as opposed to the web server

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What is input validation?

A

Also know as data validation, is the structured and proper testing of any input that is supplied by an application or user

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What is a Structured Query Language (SQL) injection attacks

A

The manipulation of input, resulting in a SQL statement that is different from the statement the designer intended

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What is a Dynamic Link Library (DLL)?

A

a piece of code that can add functionality to a program through the inclusion of library routines linked at runtime

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What is DLL injection?

A

The process of adding to a program at runtime

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What is a pointer?

A

A construct that refers to the memory location that holds the variable

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What is a Directory Traversal attack?

A

When an attacker uses special inputs to circumvent the directory tree structure of the filesystem

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

What is a Buffer Overflow?

A

An attack that sends a tone of values to the buffer causing it to overwrite was in the buffer, which can either cause an error or for any command sent as input to execute

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

What is a race condition?

A

An error condition that occurs when the output of a function is dependent on the sequence or timing of the inputs

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

What is a time of check/time of use attack?

A

An attack that takes advantage of a separation between the time a program checks a value and when it uses the value, allowing an unauthorized manipulation that can affect the outcome of a process

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

What kind of attacks does input validation work well against?

A

buffer overflows, XSS, XSRF, path traversal, and incorrect calculation of buffer size

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

What are replay attacks?

A

Recreate the conditions that existed the first time the sequence of events occurred

17
Q

What is a integer overflow

A

A programming error condition that occurs when a program attempts to store a numeric value in a variable that is too small to hold it

18
Q

What is Server-Side Request Forgery?

A

When an attacker sends requests to the server-side application to make HTTP requests to an arbitrary domain of the attackers choosing

19
Q

What is Cross-Site Request Forgery?

A

Attacks that utilize unintended behaviors that are proper in defined use but are performed under circumstances outside the authorized use

20
Q

What is an Application Programming Interface (API) attack?

A

Where an attacker specifically attacks the API and the service behind it by manipulating inputs

21
Q

What is Resource Exhaustion?

A

The state where a system does not have all of the resources it needs to continue to function

22
Q

What is a Memory Leak?

A

a type of resource leak that occurs when a computer program incorrectly manages memory allocations in a way that memory which is no longer needed is not released

23
Q

What is Secure Sockets Layer (SSL) Stripping?

A

A man in the middles attack against all SSL and early versions of TLS connections, It works by intercepting the initial connection requests for HTTPS, redirecting it to an HTTP site

24
Q

What is Driver Manipulation?

A

An attack on a system by changing drivers, this changing the behavior of the system

25
Q

What is Shimming?

A

A process of putting a layer of code between the driver and the OS, allows flexibility and portability by enabling changes between different versions of an OS without modding the original driver code

26
Q

What is Refactoring?

A

The process of restructuring existing computer code without changing its external behavior

27
Q

What is Pass The Hash?

A

A hacking technique where the attacker captures the hash used to authenticate a process, They can use this hash by injecting it into a process in place of the password