Common Security Breaches

Question 1

What is Cross-site scripting?

Answer 1

malicious scripts are injected into otherwise trusted websites.
an attacker uses a web application to send malicious code, generally in the form of a browser side script, to a different end-user.

Question 2

What is a SQL injection attacks?

Answer 2

The hacker inputs, or injects, malicious SQL code — a form of malware known as the payload — on the website and fools it into delivering that code to its database as a legitimate query.

Question 3

What is a DOS attack

Answer 3

A Denial-of-Service (DoS) attack is an attack meant to shut down a machine or network, making it inaccessible to its intended users.

Question 4

What is an example of a DOS attack

Answer 4

Buffer overflow

Question 5

What is a buffer overflow?

Answer 5

an anomaly where a program, while writing data to a buffer, overruns the buffer’s boundary and overwrites adjacent memory locations.

Question 6

What is a man in a middle attack?

Answer 6

an eavesdropping attack where a hacker injects himself in the middle of a transfer of two legitimate users.

Question 7

What are some types of Man in the Middle attacks?1

Answer 7

Spoofing
Email Hijacking
Stealing Browser Cookies
DNS poisoning

Question 8

How do you detect MiTM attacks?

Answer 8

Packet analyzer like wire shark to inspect packets for interferences.

Question 9

How to mitigate SQL attacks?

Answer 9

Back up from storage or using data correction analysis to inspect and replace certain values

Question 10

How do you mitigate DDOS attacks?

Answer 10

by break up or deflecting the malicious traffic to the out layer of the network perimeter using a firewall tool

Question 11

What is a DDOS attack?

Answer 11

disrupt the normal traffic of a targeted server or network