Section 1.3 Analyze potential indicators associated with application attacks

Question 1

In what kind of attack does the attacker input data that exceeds the limits recognized by a program causing the program or even entire system to crash?

Answer 1

Buffer overflow attack

Question 2

Buffer overflow attacks typically result in?

Answer 2

command shell access that gives the attacker admin privileges

Question 3

Buffer overflow attacks are caused primarily by?

Answer 3

Improper input handling

Question 4

What concept could ensure that out-of-range numerical values are handled in safer ways, such as by converting the value to test, truncating or converting it, or ignoring unexpected values?

Answer 4

Error handling

Question 5

What kind of attacks take advantage of the limited resources that most modern computer systems have available for software applications?

Answer 5

Resource Exhaustion

Question 6

In what kind of attack does the attacker exploit a bug within an application to bypass the application and gain elevated privileges that enable the attacker to execute system commands?

Answer 6

Privilege Escalation

Question 7

Protection against privilege escalation requires that programmers do what?

Answer 7

use input validation and test their code for bugs and exploits before releasing the software

Question 8

What do you call a type of website application vulnerability that allows malicious users to inject malicious code into dynamic websites that rely on user input?

Answer 8

Cross-Site Scripting

Question 9

What do you call a type of attack that relies on the ability to use a user’s current web browsing state and trick that user into navigating to a website that contains malicious code?

Answer 9

Cross-site request forgery

Question 10

What type of attack allows a malicious user to submit arbitrary requests to an XSRF-protected-endpoint by modifying the endpoint to which the client-side code makes an HTTP request with a vailed XSRF token, often by form submission?

Answer 10

Client-side request forgery

Question 11

In what type of attack does the attacker exploit the underlying functionality on a server to read or update internal resources that the attacker shouldn’t have access to?

Answer 11

Server-side request forgery

Question 12

What kind of attacks seek to use the API to achieve an impact such as a denial of service, data exfiltration, or code injection?

Answer 12

API attacks

Question 13

In what kind of attacks does an attacker wrap malicious code around legitimate code in an attempt to elevate their privilege or install backdoors?

Answer 13

Shimming attack

Question 14

In what kind of attack does the attacker take advantage of improvements to existing code by adding malicious code to the improvement process?

Answer 14

Refactoring attack

Question 15

What is a type of web application attack that inserts invalid or malicious data into HTTP headers?

Answer 15

Header manipulation

Question 16

What kind of attack injects XML content into the XML application, causing the application to process data according the the malicious injected XML codes?

Answer 16

XML injection attacks

Question 17

What kind of attack exploits libraries by inserting code into a DLL and then having the original process load and execute the code within the DLL?

Answer 17

DLL injection attacks

Question 18

What do you call a type of access vulnerability that enables a hacker to get unauthorized access to files on a web server other than the public files that are served on the website?

Answer 18

Directory Traversal

Question 19

What do you call the situation where an intruder can execute a command at will by exploiting a vulnerability on system, usually in an application?

Answer 19

Arbitrary code execution/remote code execution

Question 20

What kind of attack occurs when an unauthorized user captures network traffic and then send the communication to its original destination, acting as the original sender?

Answer 20

Replay attack

Question 21

What is a vulnerability that allows an attacker who knows the details of an application server’s directory tree to manually traverse the directory using input commands in the URL location bar or input forms in the application?

Answer 21

Directory Traversal

Question 22

What occurs when a malicious hacker is able to access a user’s session cookie and then use the session information to make unauthorized requests as the user?

Answer 22

Session Hijacking

Question 23

What are caused primarily by poor input validation that allows illegal data to be entered into the application, causing processing limits to be exceeded?

Answer 23

Buffer overflows