Client Side attacks PEs Flashcards
_______________ is considered the most successful and sought out method to exploit a target.
Social Engineering
________________ is when an individual is manipulated to perform an action or reveal information that may compromise a target.
Social Engineering
_______________ is a form of attack in which untrusted JavaScript is injected into a trusted website.
Cross-Site Scripting
True/False: Attackers are rarely successful with client-side attacks because of the limited number of configuration variables as well as the low amount of user interaction.
False
____________ means that a user’s SQL input or data is checked for items that might harm the database.
Sanitized
What type of attack is initiated when the victim downloads content from the attacker?
Client Side
____________ checks input to ensure that it meets given criteria.
Validation
What is the target of an XSS attack?
Visitor’s browser
What are the two types of XSS?
Reflected and Stored
When the code of the targeted file is replaced with the infected code, this is known as:
Overwriting
What may store information pertaining to a session and track a client’s other personal data?
Cookies
Viruses have a naming convention, established by Symantec, that involves alphanumeric characters, underscores, and spaces. Each section is limited to how many characters?
20
True/False: Social engineering occurs when a malicious actor leverages access to a user’s session cookies in order to impersonate that user.
False
Determine whether the XSS method presented is reflected or stored: When the injected script is reflected off the web server.
Reflected
____________ is the use of valid SQL queries, entered via input data fields or attached to the end of URLs, sent from the client side to a server-side application, which could allow data to be read or modified.
SQL Injection
Determine whether the given incident impacts Confidentiality, Integrity, or Availability: Details of a classified government project have been published online. The publisher claims the documentation was provided by an anonymous group of hackers.
Confidentiality
Determine whether the given incident impacts Confidentiality, Integrity, or Availability: A user has clicked on a malicious link and installed ransomware. The user is unable to access any files.
Availability
Determine whether the given incident impacts Confidentiality, Integrity, or Availability: An attacker successfully executes a denial-of-service attack against a company which employs 35 people.
Availability
Determine whether the given incident impacts Confidentiality, Integrity, or Availability: An authorized user is sharing information with a coworker who is not authorized to access that project.
Confidentiality
Determine whether the given incident impacts Confidentiality, Integrity, or Availability: An employee has modified company financial records to reflect losses for the quarter. The employee then forwards the altered documents to the finance department.
Integrity
Determine whether the given incident impacts Confidentiality, Integrity, or Availability: A hacker has altered financial records to commit fraud.
Integrity
Determine whether the given incident impacts Confidentiality, Integrity, or Availability: An attacker injects or executes arbitrary code on a client.
Integrity
Any software installed on the OS that causes damage, loss of resources, or exploits any programmable device, service, or network is known as what?
Malware
List the malware type that matches the definition: malware that performs malicious actions when opened by the user.
Virus
List the malware type that matches the definition: malware that encrypts files and demands a ransom to return the data to the user.
Ransomware
List the malware type that matches the definition: malware that masquerades as a harmless application. As a result, the user downloads and uses the application. Theft of personal data, device crashing, spy activities, or an attack could occur.
Trojan
List the malware type that matches the definition: A file that modifies other files through execution flow and/or attaching itself to the target file.
Virus
List the malware type that matches the definition: malware that replicates itself from machine to machine, and does not require user interaction to work.
Worm
List the malware type that matches the definition: malware that captures and transmits personal information, internet browsing, or communication habits to a designated location.
Spyware