Quiz 1 Flashcards

1
Q

True or False: A data breach is one that exfiltrates large amounts of sensitive data that was stored on some server.

A

True

2
Q

True or False: Overflowing a global variable is considered a stack overflow.

A

False

3
Q

True or False: A good example of a strongly typed language would be C.

A

False

4
Q

True or False: With regard to overflow exploits, you only need to worry about “ints”, not “strings”.

A

False

5
Q

True or False: A “Canary Value” is used in the stack frame to keep track of overflow detection.

A

True

6
Q

True or False: A compiler can determine and stop programs from run-time buffer overflows before they occur.

A

False

7
Q

True or False: Buffer overflow exploits have been known since the SSL Heartbleed that occurred in 1971.

A

False

8
Q

True or False: A programmer can tell the operating system to not allow programs to overflow memory.

A

False

9
Q

True or False: Declaring variables as global stops all chances of being able to overflow buffers.

A

False

10
Q

True or False: In order to stop buffer overflow exploits, you can use a simple data validation technique.

A

True

11
Q

When using shell code or instructions that make up shell code, whose privileges will you be using?

a) Privileges of the host program
b) Privileges of the host system
c) Privileges of the admin
d) Privileges of the shell code
e) None of the above

A

a) Privileges of the host program

12
Q

Choose the list which contains the strongly typed languages:

a) Languages: C, C++, Java
b) Languages: C++, Java, Python
c) Languages: Python, Java, C
d) None of the above
e) All of the above

A

b) Languages: C++, Java, Python

13
Q

What moves addresses of stack, heap, and lib-c to make buffer overflow more difficult?

a) The Kernel
b) Malloc()
c) Address Space Layout Randomization
d) Random Number Generator
e) None of the above

A

c) Address Space Layout Randomization

14
Q

Stacks are used for which of the following?

a) Allocating memory for Local Variables, Global Variables, and Kernel information
b) Allocating memory for Local Variables, Parameters, and Control information
c) Allocating memory for Global Variables, All functions, and File size
d) Allocating memory on the heap for other functions to utilize

A

b) Allocating memory for Local Variables, Parameters, and Control information

15
Q

The definition of shell code is:

a) Binary values corresponding to the desired machine instructions
b) Code that is put on the outside of the main code to create a “shell”
c) The address of the parameters when you call a function
d) All of the above
e) None of the above

A

b) Code that is put on the outside of the main code to create a “shell”

16
Q

What is a NOP sled?

a) Read-only Instructions that execute the “Return-to-Lib-C” exploit
b) Address space that is in the Kernel to stop Overflow exploits
c) Instructions located in the system() function which executes shell code
d) A sequence of instructions that do nothing to control program flow

A

d) A sequence of instructions that do nothing to control program flow

17
Q

Best way to stop buffer/heap exploits?

a) Use pointers
b) Tell the user how much data needs to be input
c) Enforce boundary checking on all input
d) A and C
e) A, B, and C

A

c) Enforce boundary checking on all input

18
Q

The main reason for a buffer overflow exploit is: (Choose the BEST answer)

a) To corrupt data
b) To overwrite the function return address
c) To take control of the program
d) B and C
e) A, B, and C

A

e) A, B, and C

19
Q

________ is when a system is performing its intended functions without being degraded or impaired by changes or disruptions in its internal or external environments?

a) Availability
b) Privacy
c) System Integrity
d) Data Integrity
e) C and D
f) B and C

A

c) System Integrity

20
Q

Which of the following are the main threat sources of cyber assets?

a) Nation-States
b) Cybercriminals
c) Hacktivists
d) All of the Above
e) Russia

A

d) All of the Above