IT Security Flashcards

MCQ

1
Q
  1. What is a blind SQL injection?
    A A helper application for SQL injection developed for the partially sighted
    B A type of attack where the result is not directly visible to attacker
    C When the attacker is only capable of randomly modifying the SQL query
    D When the attacker is only capable of modifying the SQL query with the help of a proxy module
A

B A type of attack where the result is not directly visible to attacker

2
Q
  1. Interdependent privacy risks for a given user emerge owing to
    A Negative externalities of data sharing with third parties
    B High fixed costs of ICT services
    C Positive externalities of data sharing with third parties
    D The data sharing decisions of the given user
A

A Negative externalities of data sharing with third parties

3
Q
  1. What is Stuxnet?
    A a malware
    B An Iranian uranium enrichment plan
    C An industrial network standard
    D A network of cyber criminal organizations
A

A a malware

4
Q
  1. Which of the following solutions can provide protection against ROP attacks?
    A ASLR
    B Harvard architecture
    C DEP
    D NX bit
A

A ASLR

5
Q
  1. Information security is risk management. Assuming that attackers are becoming
    more skilled over time and other factors affecting the risk of an attack stay the same,
    A The likelihood of the attack stays the same, but the risk increases
    B The likelihood of the attack increases, hence the risk decreases
    C The likelihood of the attack decreases, hence the risk increases
    D The likelihood of the attack increases, hence the risk increases
A

D The likelihood of the attack increases, hence the risk increases

6
Q
  1. What does the design principle “complete mediation” say?
    A The amount of shared mechanisms should be minimized
    B Software should run with the least amount of privileges necessary to complete its task
    C Keep it small and simple
    D Check every access to every object every time access is requested
A

D Check every access to every object every time access is requested

7
Q
  1. Which of the following attacks is not relevant for key exchange protocols?
    A Replay of protocol messages
    B Impersonating a protocol participant
    C Exhaustive key search attack
    D Man-in-the-middle attack
    Note: There are 2 different answers in the files we have.
A

A Replay of protocol messages
C Exhaustive key search attack

8
Q
  1. Which of the following risks is not relevant for IT security?
    A Denial of services provided by an IT system
    B Illegal access to data
    C Illegal modification of data
    D Random hardware failures
A

D Random hardware failures

9
Q
  1. What does k-anonymity mean?
    A The direct identifiers of an individual match at least k records in the anonymized dataset
    B The sensitive attribute values of an individual match at least k, or 0 records in the anonymized dataset
    C The quasi-identifiers of an individual match at least k, or 0 records in the anonymized dataset
    D The sensitive attribute values of an individual match at most k records in the anonymized dataset
A

C The quasi-identifiers of an individual match at least k, or 0 records in the anonymized dataset

10
Q
  1. What property of JavaScript makes it dangerous?
    A a user generated event is equivalent to a code-based event
    B Every object inherits from a global prototype
    C The language was developed in about 10 days
    D Every variable is in the global scope
    Note: There are 2 different answers in the files we have. From the slides I would say both
    are correct.
A

D Every variable is in the global scope
B Every object inherits from a global prototype

11
Q
  1. What is a shell code?
    A a particular type of message integrity checksums
    B The passcode needed to run the shell
    C The program code of the OS shell (e.g. bash or cmd.exe)
    D Attacker input that aims at opening a shell
A

D Attacker input that aims at opening a shell

12
Q
  1. Which of these is not among the most common attacks against browsers?
    A Stack/heap overflow
    B Use-after-free
    C Integer overflow
    D Compromising the ASLR
    Note: There are 2 different answers in the files we have.
A

B Use-after-free
D Compromising the ASLR

13
Q
  1. Which of the following properties characterize cyber criminal groups?
    A Advanced technical skills, variable information gathering capabilities, rich resources
    B Advanced technical skills, advanced information gathering capabilities, limited resources
    C Variable technical skills, limited information gathering capabilities, limited resources
    D Limited technical skills, limited information gathering capabilities, rich resources
A

A Advanced technical skills, variable information gathering capabilities, rich resources

14
Q
  1. What is not among the security goals of Google Chrome?
    A Reducing the spreading of exploits
    B Reducing the frequency of exposures
    C Reducing the window of vulnerabilities
    D Reducing the severity of vulnerabilities
A

A Reducing the spreading of exploits

15
Q
  1. Which task is to relay security-related info to the development team?
    A Security contact
    B Security advisor
    C Security team
    D Security leadership team
A

A Security contact

16
Q
  1. What is a stack frame?
    A Pair of memory addresses referring to the top and the bottom of the stack
    B A framework for programming the stack
    C Memory area referenced by the stack pointer
    D Part of the stack handled by a given function when it is called
A

D Part of the stack handled by a given function when it is called

17
Q
  1. What does the design principle “least common mechanism” say?
    A The amount of shared mechanisms should be minimized
    B Software should run with the least amount of privileges necessary to complete the task
    C Check every access to every object every time access is requested
    D Consider the human in the loop
A

A The amount of shared mechanisms should be minimized

18
Q
  1. What does salting mean in the case of password hashing?
    A Decreasing the hash computation time by optimization
    B Increasing the hash computation time artificially
    C Computing a hash of random length
    D The hash depends on some random input, besides the password
A

D The hash depends on some random input, besides the password

19
Q
  1. Android device encryption feature protects against which of the following attacks?
    A Reading user data from the memory of a phone that is turned on
    B Ransomware (since everything is already encrypted )
    C Reading user data from the storage of a phone that is turned on, using a data cable disguised as a USB charging cable
    D Reading user data from the flash chip of a phone that is turned off
A

A Reading user data from the memory of a phone that is turned on

20
Q
  1. Which of the following statements is FALSE?
    A Developers are faced with constraints during the development process
    B Measuring security is difficult
    C Frameworks used during programming do not help the programmer in his/her work
    D Attackers only need to find a single vulnerability, while developers have to pay attention to everything in order for the software to be secure.
A

C Frameworks used during programming do not help the programmer in his/her work

21
Q
  1. What is the goal of browser fingerprinting?
    A Identify the browser with cookies
    B Identify the browser with its persistent attributes
    C Identify the user with his/her direct identifiers
    D Identify the browser only with its version number
    Note: There are 2 different answers in the files we have.
A

B Identify the browser with its persistent attributes
C Identify the user with his/her direct identifiers

22
Q
  1. Which of these is not a type of XSS?
    A Reflected XSS
    B Event based XSS
    C DOM based XSS
    D Persistent XSS
A

B Event based XSS

23
Q
  1. What is the main cause that computers can be cracked?
    A They contain vulnerabilities
    B No antivirus product is installed
    C Programmers have strict deadlines
    D The appropriate ports are not closed
A

A They contain vulnerabilities

24
Q
  1. The lemon market for information security is created by
    A Information asymmetry
    B Low demand
    C High fixed costs
    D High marginal costs
A

A Information asymmetry

25
Q
  1. Which of these is performed as a first step during an iOS boot?
    A The kernel is initialized
    B The Apple root certificate is loaded
    C The iBoot code is checked
    D The low level bootloader is executed
    Note: There are 2 different answers in the files we have.
A

B The Apple root certificate is loaded

26
Q
  1. Which of the following actions need a dangerous permission on Android?
    A Sending HTTP POST request to the developer’s server
    B Turning on the vibrator
    C Turning on the WIFI
    D Sending an SMS
A

D Sending an SMS

27
Q
  1. What is black-box testing?
    A Checking only the input and the output, fuzzing
    B A pentest where the ethical hacker has the source code
    C A vulnerability testing where we have only minimal information on the target system
    D When we use programs for testing that are not known by the developer
A

C A vulnerability testing where we have only minimal information on the target system

28
Q
  1. Why do we hash messages before signing them?
    A This allows for shorter signature keys
    B This makes the computation of the signature faster
    C This ensures that besides signing, the message is also encrypted
    D This makes it more difficult to forge signatures
A

B This makes the computation of the signature faster

29
Q
  1. Which security service is provided by encryption?
    A Confidentiality
    B Non-repudiation
    C Integrity protection
    D Message authentication
A

A Confidentiality

30
Q
  1. Zero-day vulnerabilities are…
    A Unpublished vulnerabilities which are known to the attacker
    B Vulnerabilities that can be identified in less than 1 day
    C Vulnerabilities that can be fixed quickly with no effort
    D Publicly well-known Vulnerabilities
A

A Unpublished vulnerabilities which are known to the attacker

31
Q
  1. What is a reference monitor in the model of access control?
    A a dashboard where we can monitor the operation of our access control system
    B An entity that keeps track of the reference to the objects and helps in garbage collection
    C An entity that defines the access control rules
    D An entity that enforces an access control policy
A

D An entity that enforces an access control policy

32
Q
  1. What is “lateral movement”?
    A One element of an attack, where attackers go from one infected host to others
    B A jump instruction based on memory load instructions
    C Protected copy of memory arrays
    D Using LM drivers to raise the level of security
A

A One element of an attack, where attackers go from one infected host to others

33
Q
  1. How does hybrid encryption work?
    A The data is encrypted with an asymmetric key cipher whose key is encrypted with a symmetric key cipher
    B The data is encrypted with a symmetric key cipher whose key is encrypted with an asymmetric key cipher
    C We use the DES cipher in an encrypt-decrypt-encrypt mode (i. e. 3DES in EDE mode)
    D We compute a MAC besides encrypting the data (like AES-CCM or AES-GCM)
A

B The data is encrypted with a symmetric key cipher whose key is encrypted with an asymmetric key cipher

34
Q
  1. What information can be obtained about a website without loading it or communicating with the server?
    A The kernel’s version number
    B The version of the webserver, sometimes even the kind of the operating system
    C The number of running threads
    D The source code of scripts and the security level of the database
A

B The version of the webserver, sometimes even the kind of the operating system

35
Q
  1. What is a fingerprint minutiae?
    A Special area of the fingerprint (core or delta)
    B A global fingerprint pattern (such as whirl, loop, arch)
    C The graph defined by the ridge endings and bifurcations
    D (Type (ending or bifurcation), position, direction) triplet
    Note: There are 2 different answers in the files we have.
A

A Special area of the fingerprint (core or delta)
C The graph defined by the ridge endings and bifurcations

36
Q
  1. Which protocol do we use for accessing web pages securely?
    A WPA2
    B IPsec
    C SSH
    D TLS
A

D TLS

36
Q
  1. A database contains the age, home address, and the list of visited locations of individuals. Which of these attributes identify an individual the most in this dataset?
    A Home address and 2 visited locations
    B Age, home address and 2 visited locations
    C Home address
    D Age and 2 visited locations
A

B Age, home address and 2 visited locations

37
Q
  1. What happens in case of a stack overflow?
    A The computer runs out of stack memory
    B Part of the stack is overwritten in an unexpected way
    C Too much data is pushed on the stack and it overwrites part of the heap memory
    D The return address of a function is overwritten on the stack
    Note: There are 2 different answers in the files we have.
A

A The computer runs out of stack memory
D The return address of a function is overwritten on the stack

38
Q
  1. Which of the following programming languages is sensitive to buffer overflow problems?
    A Python
    B Java
    C Rust
    D C/C++
A

D C/C++

39
Q
  1. What is a reduction proof in modern cryptography?
    A When we prove that breaking a given cipher is at least as hard as efficiently solving a hard
    (or believed to be hard) mathematical problem
    B When we prove the security of each component of a cipher, from which it follows that the
    entire cipher is …
    C When we prove that efficiently solving a hard (or believed to be hard) mathematical
    problem (e.g. factoring) ….. breaking a given cipher
    D When we trace back the problem of breaking a given cipher to that of breaking one of its
    components, or ….. prove that it is sufficient to break that single component to break the
    cipher.
A

A When we prove that breaking a given cipher is at least as hard as efficiently solving a hard
(or believed to be hard) mathematical problem

40
Q
  1. What is a botnet?
    A a network designed as a fractal for robust calculations
    B Anonymization network with many participants
    C A cluster of computers used for distributed computing (hard math problems)
    D A network of infected computers (also named zombies) made by attackers
A

D A network of infected computers (also named zombies) made by attackers

40
Q
  1. Most important properties of worm attacks is
    A Needs user interaction and hence spreads slowly
    B Exploiting network Vulnerabilities they replicate rapidly automatically
    C Very hard to detect by antivirus tools as they use polymorphic code
    D Have a very long code structure
A

B Exploiting network Vulnerabilities they replicate rapidly automatically

41
Q
  1. In fuzzing, the test executor…
    A Does not use error reports
    B Instruments the analyzed piece of software
    C Provides the secure random number generator
    D Collects data about the execution
    Note: There are 2 different answers in the files we have.
A

B Instruments the analyzed piece of software
C Provides the secure random number generator

42
Q
  1. The Cascade (Vienna) computer virus …
    A One of the first cyber-physical attacks around 2010
    B Infected DEC machines back in the 1970’s
    C Is one of the first brutal worm attacks in the early 2000’s
    D Is originating from the 1980’s and it made big media coverage
A

D Is originating from the 1980’s and it made big media coverage

43
Q
  1. What is the purpose of the Secure Enclave coprocessor?
    A Providing a secure boot for the system
    B Signature checking for applications
    C Recording and storing fitness data
    D Handling the Touch ID sensor
A

A Providing a secure boot for the system

44
Q
  1. Which links are NOT encrypted in Tor?
    A Between the Entry Onion Router and the Onion Proxy
    B Between the Exit Onion Router and the destination
    C Between two Onion Routers
    D Between the Entry and the Exit Onion Routers
A

B Between the Exit Onion Router and the destination

45
Q
  1. Which of the following decisions related to software development must concern itself with the principle of fail-safe defaults?
    A Deciding how to document the internal structure of the software in the user manual
    B Creation of the user account via which the software can connect to the database
    C Designing the buttons on the GUI
    D Decision concerning the default configuration values
A

C Designing the buttons on the GUI

45
Q
  1. How do we determine the risk?
    a. likelihood of successful attacks x their impact
    b. attack surface x potential loss
    c. potential loss / countermeasures
    d. threats x vulnerabilities
A

a. likelihood of successful attacks x their impact