Chapter 7 Test Review


CHAPTER 7: IDENTIFYING ADVANCED ATTACKS
McKinley Technology HS - Cybersecurity
Question 1
An attacker enters a string of data in a web
application’s input form and crashes it. What
type of attack is this?
A. DoS
B. DDoS
C. Man-in-the-Middle
D. Header manipulation
Question 2
What will protect against a SYN attack?
A. Input validation
B. Error handling
C. Flood guard
D. Cross-site scripting
Question 3
What can an administrator use to detect a DDoS
attack?
A. Privilege escalation
B. Performance baseline
C. Web form sanitization
D. Antivirus software
Question 4
A user browsing the Internet notices erratic
behavior right before the user’s system
crashes. After rebooting, the system is slow
and the user detects hundreds of outbound
connections. What likely occurred?
A. The system has become a botnet
B. The system is hosting a botnet
C. The system is spamming other users
D. The system has joined a botnet
Question 5
A computer is regularly communicating with an
unknown IRC server and sending traffic
without user interaction. What is likely
causing this?
A. Buffer overflow
B. Cross-site scripting
C. Botnet
D. Rootkit
Question 6
Of the following choices, what uses a
command and control server?
A. DoS attacks
B. Trojans
C. Man-in-the-Middle
D. Botnet
Question 7
Of the following choices, what type of attack
can intercept traffic and insert malicious
code into a network conversation?
A. Spim
B. Xmas attack
C. LDAP attack
D. Man-in-the-middle
Question 8
What can a header manipulation attack
modify?
A. Flags
B. Buffers
C. Databases
D. Signature definitions
Question 9
An attacker is sending false hardware address
updates to a system, causing the system to
redirect traffic to an attacker. What type of
attack is this?
A. IRC
B. ARP poisoning
C. Xmas attack
D. DNS poisoning
Question 10
What can mitigate ARP poisoning attacks in a
network?
A. Disable unused ports on a switch
B. Man-in-the-middle
C. DMZ
D. VLAN segregation
Question 11
You manage a server hosting a third-party
database application. You want to ensure
that the application is secure and all
unnecessary services are disabled. What
should you perform?
A. Secure code review
B. Application hardening
C. White box testing
D. Black box testing
Question 12
Of the following choices, what is a step used to
harden a database application?
A. Enabling all services
B. Disabling default accounts and changing
default passwords
C. Disabling SQL
D. Disabling stored procedures
Question 13
An organization develops its own software. Of
the following choices, what is a security
practice that should be included in the
process?
A. Check vendor documentation
B. SDLC Waterfall model
C. Code review
D. Enabling command injection
Question 14
An attacker is entering incorrect data into a
form on a web page. The result shows the
attacker the type of database used by the
website and provides hints on what SQL
statements the database accepts. What can
prevent this?
A. Error handling
B. Antivirus software
C. Anti-spam software
D. Flood guards
Question 15
Your organization hosts several websites
accessible on the Internet and is conducting
a security review of these sites. Of the
following choices, what is the most common
security issue for web-based applications?
A. Input validation
B. Phishing
C. Whaling
D. Social engineering
Question 16
An IDS detected a NOOP sled. What kind of
attack does this indicate?
A. Input validation
B. SQL injection
C. Cross-site scripting
D. Buffer overflow
Question 17
A web-based application expects a user to
enter eight characters into the text box. What
is a potential vulnerability for this
application?
A. Input validation
B. Buffer overflow
C. SYN flood
D. Flood guard
Question 18
Of the following choices, what can help
prevent SQL injection attacks?
A. Output validation
B. NOOP sleds
C. Stored procedures
D. Antivirus software
Question 19
A web developer wants to prevent cross-site
scripting. What should the developer do?
A. Use input validation to remove hypertext
B. Use input validation to remove cookies
C. Use input validation to SQL statements
D. Use input validation to overflow buffers
Question 20
A website prevents users from using the less-than character (<) when entering data into
forms. What is it trying to prevent?
A. Logic bomb
B. Cross-site scripting
C. Fuzzing
D. SQL injection
Question 21
While analyzing an application log, you
discover several entries where a user has
entered the following command into a web-based form: …/etc/passwd. What does this
indicate?
A. Fuzzing
B. Kiting
C. Command injection attack
D. DoS
Question 22
With regard to secure coding practices, why is
input validation important?
A. It mitigates buffer overflow attacks.
B. It makes the code more readable.
C. It provides an application configuration baseline.
D. It meets gray box testing standards.
Question 24
Which of the following steps should follow the
deployment of a patch?
A. Antivirus and anti-malware deployment
B. Audit and verification
C. Fuzzing and exploitation
D. Error and exception handling
Question 25
A security administrator is observing congestion on the
firewall interfaces and a high number of
half open incoming connections from different external
IP addresses. Which of the following attack
types is underway?
A. Cross-site scripting
B. SPIM
C. Client-side
D. DDoS