Test 8

Question 1

Which of the answers listed below refers to a security vulnerability that enables inserting malicious code into input fields, such search bars or login forms, to execute unauthorized commands on a database?

Answer 1

SQLi ( Missed)

Question 2

Which of the following indicates an SQL injection attack attempt?

Answer 2

SELECT * FROM users WHERE userName = ‘Alice’ AND password = ‘’ OR ‘1’ = ‘1’;

Question 3

Which of the answers listed below describe the characteristics of a cross-site scripting attack? (Select 3 answers)

Answer 3

Exploits the trust a user’s web browser has in a website ( Missed)
A malicious script is injected into a trusted website ( Missed)
User’s browser executes attacker’s script ( Missed)

Question 4

Which of the following answers refers to a type of software embedded into a hardware chip?

Answer 4

Firmware

Question 5

Which of the terms listed below refers to a situation in which a product or service may no longer receive security patches or other updates, making it more vulnerable to attack?

Answer 5

EOL

Question 6

What is the main vulnerability related to legacy hardware?

Answer 6

Lack of security updates and patches

Question 7

The term “VM escape” refers to the process of breaking out of the boundaries of a guest operating system installation to access the primary hypervisor controlling all the virtual machines on the host machine.

Answer 7

True

Question 8

Which of the following answers refers to a virtualization-related vulnerability where virtualized assets allocated to one VM are improperly isolated and can be accessed or compromised by another VM?

Answer 8

Resource reuse

Question 9

Which of the answers listed below refers to a cloud-related vulnerability type?

Answer 9

Insecure APIs
Poor access controls
Lack of security updates
Misconfigured cloud storage
Shadow IT / Malicious insiders

Question 10

The practice of installing mobile apps from websites and app stores other than the official marketplaces is referred to as:

Answer 10

Sideloading

Question 11

Which of the following terms is used to describe the process of removing software restrictions imposed by Apple on its iOS operating system?

Answer 11

Jailbreaking

Question 12

The term “Rooting” refers to the capability of gaining administrative access to the operating system and system applications on:

Answer 12

Android devices

Question 13

A type of attack aimed at exploiting vulnerability that is present in already released software but unknown to the software developer is known as:

Answer 13

Zero-day attack

Question 14

Malware that restricts access to a computer system by encrypting files or locking the entire system down until the user performs requested action is called:

Answer 14

Ransomware

Question 15

A Trojan horse is a type of software that performs harmful actions under the guise of a legitimate and useful program. The most characteristic feature of Trojan horse is that while it may function as a legitimate program and possess all the expected functionalities, it also contains a concealed portion of malicious code that the user is unaware of.

Answer 15

True

Question 16

Which type of Trojan enables unauthorized remote access to a compromised system?

Answer 16

RAT

Question 17

A standalone malicious computer program that typically propagates itself over a computer network to adversely affect system resources and network bandwidth is referred to as:

Answer 17

Worm

Question 18

Malicious software collecting information about users without their knowledge/consent is known as:

Answer 18

Spyware

Question 19

Which of the answers listed below refer to the characteristic features of bloatware? (Select 3 answers)

Answer 19

Pre-installed on a device by the device manufacturer or retailer ( Missed)
Generally considered undesirable due to negative impact on system performance ( Missed)
Installed without user consent

Question 20

Which of the following answers refer to the characteristics of a PUP? (Select 3 answers)

Answer 20

Often installed without clear user consent ( Missed)
Can be pre-installed, downloaded, or bundled with other software ( Missed)
Generally considered undesirable due to negative impact on system performance, privacy, and security ( Missed)

Question 21

Which of the statements listed below apply to the definition of a computer virus? (Select 3 answers)

Answer 21

A self-replicating computer program containing malicious segment ( Missed)
Malware that typically requires its host application to be run to make the virus active
Malicious code that typically attaches itself to an application program or other executable component

Question 22

Which of the following is an example of spyware?

Answer 22

Keylogger

Question 23

Malicious code activated by a specific event is called:

Answer 23

Logic bomb

Question 24

Which of the following answers refers to a collection of software tools used by a hacker to mask intrusion and obtain administrator-level access to a computer or computer network?

Answer 24

Rootkit

Question 25

The term “RFID cloning” refers to copying the data stored on any RFID-enabled device (including tags, cards, key fobs, implants, and other objects embedded with RFID technology) onto another RFID-enabled device, which then can be read and used in the same way as the original tag. While RFID cloning can be utilized for legitimate purposes, such as replicating important tags for backup and testing purposes, it also poses significant security risk, as duplicate tags can potentially be used for gaining unauthorized access or unauthorized information disclosure.

Answer 25

True