Chapter 7 Risk Mitigation Controls Mark B Flashcards
Attackers find a vulnerability on a website that allows them to select items from a shopping basket. When the authorized payment button is selected, there is a 500 ms delay. The attackers run a script that takes 200 ms and allows the final payment to be altered. What is the vulnerability that has been targeted?
A. Buffer overflow
B. Integer overflow
C. Broken Authentication
D. Race Condition
D. Race Condition
Attackers find a vulnerability on a website that allows them to select items from a shopping basket. There is a running total value for the basket. When items are added beyond a total of $9,999, the total displays a value starting from $0.00. What is the vulnerability that has been targeted?
A. Buffer overflow
B. Integer overflow
C. Broken authentication
D. Weak ciphers
B. Integer overflow
What allows attackers to sniff traffic on a network and capture cookies sent over HTTP?
A. Improper headers
B. Poor exception handling
C. Certificate errors
D. Race conditions
C. Certificate errors
What allows developers to maintain an inventory of all code libraries and licenses used in their application?
A. Weak cryptography implementations
B. Weak ciphers
C. Weak cipher suite implementations
D. Software composition analysis
D. Software composition analysis
Developers are reviewing legacy applications written in the C programming language. This is due to a number of recent buffer overflow attacks against the application. They have replaced instances of gets() with fgets() and strcpy() with strcpy_s(). What has prompted this activity?
A. Use of unsafe functions
B. Third party libraries
C. Dependencies
D. Regression
A. Use of unsafe functions
What is it called when developers no longer release security patches for their software applications?
A. End of support/end of life
B. Regression issues
C. Dependencies
D. Bankruptcy
A. End of support/end of life
What is an example of code that is not developed by a development team but is incorporated into many software builds?
A. Use of unsafe functions
B. Third party libraries
C. Dependencies
D. Regression
B. Third party libraries
What is it called when developers rely on a cloud provider API for full functionality of their software applications?
A. Use of unsafe functions
B. Third party libraries
C. Dependencies
D. Regression
C. Dependencies
When a software component has previously worked well but now proves to be slow or unresponsive, what is it known as?
A. Unsafe functions
B. Unsafe third party libraries
C. Software dependencies
D. Software regression bug
D. Software regression bug
When considering input validation for your web application, where should the validation take place?
A. Client side
B. Flash
C. Server side
D. ActiveX
A. Client side
What is runtime or interpreted code that can provide media rich web content within a web browser?
A. REST
B. Browser Extensions
C. ActiveX
D. HTML5
What is runtime or interpreted code that can provide partial page updates (therefore saving bandwidth) when repositioning a map on screen?
A. AJAX
B. SOAP
C. Flash
D. ActiveX
Security professionals have found IOCs while reviewing their SIEM logs. The following commands were found in the application server logs:
../../../../etc/passwd
What type of activity did they see?
A. Directory traversal
B. XSS
C. CSRF
D. SQL injection
A. Directory traversal
Security professionals have found IOCs while reviewing SIEM logs. The following commands were found in the application server logs:
GET http://acmebank.com/transferfunds.do?acct=bobjones&amount=%400 HTTP/1.1
What type of activity did they see?
A. Injection
B. XML
C. LDAP
D. XSRF
A. Injection
While reviewing web application firewall logs, security pros have found IOCs. The following commands were found in the logs:
SELECT*FROM users WHERE username = “OR 1=1 -‘ AND password = ‘mypass1’
What type of activity did they see?
A. Injection
B. XML
C. LDAP
D. SQL
D. SQL