Quiz 1 Flashcards
You are helping the QA team test a new application. If four or more tests all click “Done” at the same time in the interface it causes the application to crash. What is most likely occurring?
Race condition
An organization fails to use a shredder & simply throws all old paper documents into the trash bin behind the office. Which of the following attacks might NOT follow as a result of this choice?
Tailgating
What is the best defense against social engineering attacks?
Training & procedures
A system administrator was fired, and the internal file server & backup server crashed. Critical operating system files were deleted from both systems by malware that was installed 2 months ago. There is no indication of an external threat. This is an example of what kind of malware?
Logic bomb
Which kind of attack sometimes uses a tautology such as “42 = 42” as part of the attack code?
SQL injection (SQLi)
A threat actor has obtained a list of all usernames at an organization. There are over 10,000 usernames. The threat actor writes a script to log in to each account using the password “Fall2022!”. What type of attack does this best describe?
Spraying
While performing quality assurance testing on a new custom web application, the tester types “42” into the username field. The application returns an error message displaying a stack trace & a SQL error. This is an example of which of the following?
Improper error handling
A co-worker urges you to download the new tic-tac app for Windows. The cursor on their screen moves on its own & a command prompt window opens & quickly closes. You can’t tell what was displayed in that command prompt window. Your co-worker says it’s been doing that for a while. Based on what you’ve seen, you suspect the new tic-tac app is what type of malware?
Trojan
While reviewing web server application logs, you notice the following pattern in many requests from several unusual IP addresses: “../../../”. What kind of attack was likely attempted?
Directory traversal
Which social engineering attack may use something like DNS poisoning to make it effective?
Pharming