cyber (Beta)

хомяк убийца
Quiz by хомяк убийца, updated more than 1 year ago
хомяк убийца
Created by хомяк убийца about 2 years ago
634
8
1

Description

- at Quiz on cyber (Beta), created by хомяк убийца on 12/10/2017.

Resource summary

Question 1

Question
Define foot printing
Answer
  • Find out more about structure of target
  • Find out individual computers of target
  • Involves relatively high amount of manual work
  • Check if target candidates are actual alive and reachable

Question 2

Question
Into which classes are instructions grouped
Answer
  • Load/Store
  • Loops
  • Continuation
  • Comparison
  • Arithmetic

Question 3

Question
Define a verification in reconnaissance
Answer
  • Find out more about structure of target
  • Find out individual computers of target
  • Involves relatively high amount of manual work
  • Check if target candidates are actual alive and reachable

Question 4

Question
Define a command injection
Answer
  • An injection attack wherein an attacker can execute malicious SQL statements
  • A type of computer security vulnerability typically found in web application
  • An attack in which the goals is execution of arbitrary commands on the host operating system via a vulnerable application

Question 5

Question
Define OWASP
Answer
  • Open Web Application Security Program
  • Open Wide Application Security Program
  • Open Wide Application Security Project
  • Open Web Application Security Project

Question 6

Question
When command injection is possible
Answer
  • User input is either incorrectly filtered for string literal for escape characters embedded in SQL statement or user input is not strongly typed and unexpected executed
  • An application passes unsafe user supplied data (forms, cookies, HTTP headers and etc.) to a system shell
  • Relies on Social Engineering in order to trick the victim into executing malicious JavaScript code into their browser

Question 7

Question
How does an interpreter work?
Answer
  • Translate source code into some efficient intermediate representation and immediate executes this
  • Describes sequences of executable instructions that do not necessarily constitute an executable file
  • Transforms source code written in a programming language into another computer language
  • Parse the source code and perfom its behavior directly

Question 8

Question
Find an appropriate types of interpreters
Answer
  • Matlab
  • Bash
  • Ruby
  • Python

Question 9

Question
What does register “rip” store?
Answer
  • Condition flags
  • Program counter
  • Frame pointer
  • Stack pointer

Question 10

Question
Which of the following GDB commands puts breakpoints at the beginning of the program?
Answer
  • b N
  • b +N
  • b main
  • into break

Question 11

Question
Which of the following GDB commands puts breakpoint N lines down from the current line ?
Answer
  • N
  • fn
  • +N

Question 12

Question
Dissasembling
Answer
  • Preservers a symbol table entity
  • The process of recovering assembly from machine code
  • The process of deallocating arguments on the stack
  • All of the above

Question 13

Question
Callee:
Answer
  • all of the above
  • procedure invoked by another function
  • code that invokes a procedure
  • deallocates arguments on stack after return

Question 14

Question
Caller:
Answer
  • registers that must not be clobbered
  • procedure invoked by another function
  • code that invokes a procedure
  • none of the above

Question 15

Question
Give the description of Mem(rsp)?Succ(rip)
Answer
  • store successor
  • pop successor into rip
  • jump to address
  • jump to successor

Question 16

Question
Distinction between jumps and calls
Answer
  • there is no destinction between jumps and calls
  • jumps simply transfer control with no side effects, calls used to implement procedures
  • jumps used to implement procedures, calls simply transfer control with side effects
  • jumps simply transfer control with side effects, calls used to implement transfers

Question 17

Question
Distinction between direct and indirect transfers
Answer
  • direct transfers use relative offsets, indirect transfers are absolute
  • direct transfers are absolute, indirect transfers use relative offsets
  • direct transfers use fixed offsets, indirect transfers are not absolute
  • direct transfers are not absolute, indirect transfers use fixed offsets

Question 18

Question
Standards (calling conventions) exist for:
Answer
  • none of the above
  • specify the caller and callee’s responsibilities
  • all of the above
  • specify where arguments are passed (registers, stack)

Question 19

Question
Select all possible ways to protect the stack
Answer
  • stack canaries
  • memory safe languages, such as Java, C#
  • using strcpy instead of stcncpy
  • address space layout randomization
  • non-executable flag

Question 20

Question
What are requirements of stack canaries (i.e. cookies)?
Answer
  • Large domain
  • Small domain
  • Randomness
  • Replicativeness

Question 21

Question
Which one of the following is true abot UID key?
Answer
  • Derived from user passcode
  • Prevents offline attacks
  • Can only be used while the phone is running
  • Ensures passcode key is unique for different devices even if passcode is the same

Question 22

Question
What of the following is false for provisioning?
Answer
  • Device allows apps signed by owner’s key to run according to the installed profile
  • Apple signs a provisioning profile that references developer certs
  • Users install provisioning profile
  • Apple signs certificates provided by developers

Question 23

Question
Which of the following refers to Android components?
Answer
  • ContentProvider
  • Activity
  • Service
  • BroadcastReceiver

Question 24

Question
How many Android malware categories are represented?
Answer
  • 2
  • 3
  • 4
  • 5
  • 6

Question 25

Question
Which of the following is right about mobile devices challenges?
Answer
  • Limited user input capabilities
  • Mobile devices are at lower risk of confidentiality breachesv
  • Difficult to perform pre-boot authentication
  • Difficult to lose or steal a phone than a desktop

Question 26

Question
Define PBKDF2
Answer
  • Password-Based Key Demonstration Function
  • Password-Based Key Derivation Function
  • Password-Based Key Derivation Formula
  • Password-Based Key DemonstrationFunction (реально там так)

Question 27

Question
What are the challenges that mobile devices present?
Answer
  • Unlimited user input capabilities
  • Difficult to perform pre-boot authentication
  • Uses touch-screen instead of keyboards

Question 28

Question
Select all of iOS Data Protection classes
Answer
  • File is protected, only accessible when device unlocked
  • File is not protected
  • File is protected, accessible after device unlocked
  • File is protected until user passcode entered

Question 29

Question
Select all libc’s unsafe function that was removed in bionic.
Answer
  • strcpy
  • strncpy
  • gets
  • strcat

Question 30

Question
When code signature of capabilities is validated in iOS?
Answer
  • during kill
  • during installation
  • during start up
  • at run time

Question 31

Question
Why do we carry about Web Applications Security? Choose all that apply.
Answer
  • Logs can be easily deleted
  • Widely deployed
  • Easy to detect
  • No encryption used

Question 32

Question
OWASP is community dedicated to enabling organizations to maintain applications that can be trusted and stands for:
Answer
  • Open Web Application Security Project
  • Online Web Application Security Project
  • Online Web Application Security Principles
  • Open Web Application Security Principles
  • Open Web Application Standards Project

Question 33

Question
Application authentication functions are often not implemented correctly, allowing attackers to compromise passwords, keys, or session tokens, or to exploit other implementation flaws to assume other users’ identities.
Answer
  • Injection
  • Cross-Site Request Forgery (CSRF)
  • Using Components with Known Vulnerabilities
  • Cross-Site Scripting (XSS)
  • Broken Authentication and Session Management

Question 34

Question
This attack occurs when a developer exposes a reference to an internal implementation object, such as a file, directory, or database key.
Answer
  • Sensitive Data Exposure
  • Insecure Direct Object References
  • Unvalidated Redirects and Forwards
  • Injection
  • Missing Function Level Access Control

Question 35

Question
If a vulnerable library, framework, or any other software is exploited, such an attack can facilitate serious data loss or server takeover.
Answer
  • Sensitive Data Exposure
  • Using Components with known vulnerabilities
  • Unvalidated Redirects and Forwards
  • Missing Function Level Access Control
  • Insecure Direct Object References

Question 36

Question
Assume that your Web application stores information about many bank accounts. Which threat is your application vulnerable to if you can manipulate the URL of an account page to access all accounts?
Answer
  • Insecure Direct Object Reference
  • Cross-site scripting
  • Cross-Site Request Forgery
  • Injection
  • Unvalidated Redirects and Forwards

Question 37

Question
Which of the following input sources can be directly controlled by a malicious user?
Answer
  • GET/POST parameters
  • Window.location
  • Server code
  • Server configuration files
  • Ports

Question 38

Question
What should you do before passing credentials over the network?
Answer
  • Use Secure Socket Layer Connection
  • Replace the credentials with a cryptographic salt and hash
  • Share the credentials with the client
  • Accept session IDs from URLs
  • Use persistent cookies to manage session IDs

Question 39

Question
What is an interpreter?
Answer
  • a computer program that compiles executions, instructions
  • a computer program that directly executes, i.e. performs, instructions written in a human language, without previously compiling them into a machine language program
  • a computer program that directly executes, performs, instructions written in a programming or scripting language, without previously compiling them into a machine language program
  • a computer program that directly executes, performs, instructions written in a programming or scripting language after compiling them into a machine language program

Question 40

Question
Reconnaissance methods are
Answer
  • Intelligence gathering
  • Finger printing
  • Verification
  • Banner grabbing

Question 41

Question
Which phase of reconnaissance is important so that if you make mistake in this phase you may never find vulnerable part of system
Answer
  • Intelligence Gathering
  • Fingerprinting
  • Banner grabbing
  • Verification
  • Footprinting

Question 42

Question
It is known that core principle of port scanning is : send packet and then check the response During SYN scan what response implies that port is open
Answer
  • ACK
  • SYN
  • RST

Question 43

Question
Many eCommerce businesses utilize third party payment provides to store credit card information for recurring billing. This offloads the burden of keeping credit card numbers safe. It correspond to the following rule:
Answer
  • Use strong approved Authenticated Encryption
  • Only store sensitive data that you need
  • Follow applicable regulation on use of cryptography
  • Ensure that any secret key is protected from unauthorized access

Question 44

Question
How to prevent “Sensitive Data Exposure”
Answer
  • Enable caching for pages that contain sensitive data
  • Restrict character set used for password
  • Enable autocomplete on forms collecting sensitive data
  • Don’t store sensitive data unnecessarily

Question 45

Question
Storage encryption should add additional layer of protection that will continue protecting the data even if an attacker subverts the database access control layer . It corresponds to the following rule
Answer
  • Ensure that any secret key is protected from unauthorized access
  • Follow applicable regulation on use of cryptography
  • Ensure that the cryptographic protection remains secaure even if access control fail
  • Use strong approved Authenticated Encryption

Question 46

Question
What is defined by key lifecycle?
Answer
  • The lifecycle will specify when data must be rekeyed
  • The lifecycle will specify when a key should no longer be use for decryption
  • The lifecycle will specify when a key should no longer be use for encryption
  • All of them

Question 47

Question
A site simply doesn’t use SSL for all authenticated pages. Attacker simply monitor network traffic (like an open wireless network) and steals the user’s session cookie. Attacker then replays this cookie and hijacks the user’s session, accessing the user private data. This scenario of attack belongs to
Answer
  • Injection
  • Cross-Site Request Forgery CSRF
  • Sensitive Data Exposure
  • Cross Site Scripting XSS

Question 48

Question
The password database uses unsalted hashes to store everyone’s password. A file upload flaw allows an attacker to retrieve the password file. All of the unsalted hashes can be exposed with a rainbow table of precalculated hashes. This scenario of attack belongs to
Answer
  • Cross Site Scripting
  • Injection
  • Cross-Site Request Forgery
  • Sensitive Data Exposure

Question 49

Question
Web application is vulnerable to ‘Sensetive Data Exposure ’ if:
Answer
  • Proper key management or rotation missing
  • All of them
  • Browser security directives or headers missing when sensitive data is provided by /sent to the browser
  • Sensitive data transmitted in clear text, internally or externally

Question 50

Question
Which statements are the part of DML in SQL?
Answer
  • DELETE
  • INSERT
  • SELECT
  • CREATE
  • DROPE

Question 51

Question
what are the most popular things to attacker can do stack vulnerability ?
Answer
  • Change the control flow of the program
  • Report the bag to a developer of the program
  • Overflows the stack to throw segmentation fault
  • Rewrite the program variable values
  • Inject a new functionality to the program

Question 52

Question
Low level languages like C/C++ are no memory-safe .Which of the following statements is true: Programmers can directly manipulate pointers Memory accesses are not bounds-checked for validity
Answer
  • none of them
  • both of them
  • only 2
  • only 1

Question 53

Question
What are the potential targets of stack overwrite attack? User data Instruction pointers Frame pointers
Answer
  • all of them
  • only 1 and 3
  • only 1 and 2

Question 54

Question
What are requirements for running payload in the stack ? Payload should not contain ZEROS Stack should be non – executable Playload size should be smaller than buffer size
Answer
  • 1, 2
  • 1,3
  • 1
  • all

Question 55

Question
What are the potential targets of stack overwrite attack ?
Answer
  • User data
  • Instration pointer
  • Procedure arguments
  • Frame pointers

Question 56

Question
What are requirements for running payload in the stack ?
Answer
  • Payload size should be smaller than buffer size
  • Stack should be non-executable
  • Payload should use libc library
  • Payload should not contain ZEROS

Question 57

Question
Which of the following does not refer to the OWASP?
Answer
  • Unvalidated Redirects and Forwards
  • Sensitive Data Exposure
  • Cross – Site Request Forgery
  • Using Unknown Vulnerable Components

Question 58

Question
Which of the following provides API for accessing browser state and frame content?
Answer
  • Document Object Model
  • Structured Query Language
  • JavaScript Object Notation
  • ActionScript
  • JavaScript

Question 59

Question
What are the ways insert JavaScript code into HTML page? Select all that apply
Answer
  • Embedded
  • Inline
  • External

Question 60

Question
What kind of protection mechanisms exist against XSS attack?
Answer
  • HttpOnly
  • Secure Socket Layer (SSL)
  • Output Sanitization
  • Firewall
  • Input Validation

Question 61

Question
When and by whom proposed stack cookies?
Answer
  • Cowan, 1996
  • Cowan, 1998
  • Vaughan, 1998

Question 62

Question
Which of the following refers to defenses for memory corruption
Answer
  • Stack canaries
  • Safer libc functions
  • Random canaries
  • Heap canaries

Question 63

Question
Which of the following properties are required in stack cookies?
Answer
  • Random
  • Large domain
  • Sequence
  • Small domain

Question 64

Question
If attackers cannot inject an executable exploit payload, what does one do?
Answer
  • Jump-oriented programming
  • Return-oriented programming
  • Reuse existing code
  • Return-into-libc

Question 65

Question
What is the purpose of using ASLR?
Answer
  • Recognize the names of the addresses
  • Recognize the locations of the addresses
  • Randomize the locations of the addresses
  • Randomize the names of the addresses

Question 66

Question
Define ASLR
Answer
  • Address security layout randomization
  • Address space layout randomization
  • Application space layer randomization
  • Application space layout randomization

Question 67

Question
Which of the following is true about ASLR?
Answer
  • Transparent to safe applications
  • Very little overhead
  • Requires program recompilation
  • Randomizing at process creatin

Question 68

Question
Which of the following idea about stack cookies proposed by Cowan?
Answer
  • Before returning, check the value against the original
  • Guard sensitive data, including the saved IP, with a copy of a secret value
  • If there is a difference, assume something bad has happened and terminate
  • If there is a difference, assume something good has happened and terminate

Question 69

Question
Which of the following does not refer to the cryptographic storage rules?
Answer
  • Store a one-way and salted value of passwords
  • Save all your data
  • Use strong approved Authenticated Encryption
  • Ensure that any secret key is protected from unauthorized access

Question 70

Question
How many types of XSS exist?
Answer
  • 1
  • 2
  • 3
  • 4

Question 71

Question
Which of the following type does not refer to XSS?
Answer
  • Reflected
  • Stored
  • MOM based
  • DOM based

Question 72

Question
Define reflected XSS
Answer
  • Attacker submits malicious code to server
  • Code included in page rendered by visiting link
  • Victim accesses page that includes stored, injected code
  • App (server-side) persists code

Question 73

Question
Which of the following is false about stored XSS?
Answer
  • Attacker submits malicious code to server
  • Code included in page rendered by visiting link
  • Victim accesses page that includes stored, injected code
  • App (server-side) persists code

Question 74

Question
Which of the following does not refer to protection against XSS attacks?
Answer
  • Procedure integrity
  • Output Sanitization
  • XSS Filter
  • HTTP Only

Question 75

Question
How many classes exist in document integrity
Answer
  • 1
  • 2
  • 3
  • 4

Question 76

Question
A direct object reference occurs when a developer exposes a reference to
Answer
  • Internal implementation object
  • File
  • Directory
  • Database key

Question 77

Question
Even “secure” websites that use SSL just accept the requests that arrive through the encrypted tunnel without security
Answer
  • True
  • False

Question 78

Question
If the parameters are under control of the user and are not properly sanitized, the user can inject its own commands in the interpreter
Answer
  • True
  • False

Question 79

Question
Injection flaws occur when an application send trusted data to an interpreter
Answer
  • True
  • False

Question 80

Question
A direct object reference occurs when a developer exposes a reference to an internal implementation object, such as a file, directory, or database key
Answer
  • True
  • False

Question 81

Question
Injection flaws occur when an application send untrusted data to an interpreter
Answer
  • True
  • False

Question 82

Question
Injection flaws occur when an application send untrusted data to an compiler
Answer
  • True
  • False

Question 83

Question
Is the following statement true about Insecure Direct Object Reference “With an access control check or other protection, attackers can manipulate these references to access unauthorized data.”
Answer
  • True
  • False

Question 84

Question
Is the given statement true about Missing Function Level Access Control “Applications need to perform the same access control checks on the server when each function is accessed”
Answer
  • True
  • False

Question 85

Question
Stack grows downwards. Stack is data segment for function-local data, dynamic data and text data.
Answer
  • True
  • False

Question 86

Question
Memory can distinguish between different types of variable by using flags
Answer
  • True
  • False

Question 87

Question
Compilers translate code from a higher level to a lower level
Answer
  • True
  • False

Question 88

Question
Control transfers change control flow of programs
Answer
  • True
  • False

Question 89

Question
Marking the stack with non-executable flag prevents from all types of stack attack
Answer
  • True
  • False

Question 90

Question
Protecting stack with canary may leak sensitive information
Answer
  • True
  • False

Question 91

Question
Mobile devices are at a lower risk of confidentiality breaches
Answer
  • True
  • False

Question 92

Question
Mobile devices present unique challenges
Answer
  • True
  • False

Question 93

Question
iOS provides an API for encrypting stored files
Answer
  • True
  • False

Question 94

Question
Device ID (UID) in iphone can be used when phone is turned off.
Answer
  • True
  • False

Question 95

Question
Brute Force mitigations that are implemented on UI can not be escaped
Answer
  • True
  • False

Question 96

Question
It is possible to dynamically sign the code in IOS
Answer
  • True
  • False

Question 97

Question
When implementing an authentication or session system, you should ensure that new session IDs are not created at login
Answer
  • True
  • False

Question 98

Question
It is possible to run operating system shell command inside web site
Answer
  • True
  • False

Question 99

Question
Recursive sweep begins at an address and continues sequentially until the buffer exhausted
Answer
  • True
  • False

Question 100

Question
Developers can protect the web application by filtering out malicious input
Answer
  • True
  • False

Question 101

Question
Verification phase during reconnaissance involve high amount of manual work
Answer
  • True
  • False

Question 102

Question
Zone transfer is about copying original DNS data to different DNS Server
Answer
  • True
  • False

Question 103

Question
strcpy() performs no bounds-checking, relying instead on finding a terminating null character in the source string
Answer
  • True
  • False

Question 104

Question
If the keys are stored with the data then any compromise of the data will easily compromise the keys as well. Unencrypted keys should never reside on the same machine or cluster as the data.
Answer
  • True
  • False

Question 105

Question
SQL DML is used to manipulate with records in tables
Answer
  • True
  • False

Question 106

Question
It is possible to protect web application from SQL injection by filtering out single and double quotes
Answer
  • True
  • False

Question 107

Question
It is not possible to inject complex SQL statements as a part of an attack, except SELECT statements
Answer
  • True
  • False

Question 108

Question
NOP sled is special instruction which tells the OS that the program has payload, and it should directly run it.
Answer
  • True
  • False

Question 109

Question
It is not possible to inject new code to the stack
Answer
  • True
  • False

Question 110

Question
JavaScript use strongly type primitives to provide basic functionality
Answer
  • True
  • False

Question 111

Question
Cross Site Scripting attack is the result of running code from untrusted origin
Answer
  • True
  • False

Question 112

Question
Is the given statement true about non – executable data? If the attacker can assume control flow but cannot execute a payload, attacks become more difficult
Answer
  • True
  • False

Question 113

Question
Is the following statement true about Instruction Set Randomization? Does not require a large degree of support from underlying layers
Answer
  • True
  • False

Question 114

Question
Is the given statement true about XSS “running code from a trusted origin”
Answer
  • True
  • False

Question 115

Question
In reflected XSS the code is included as a part of malicious link
Answer
  • True
  • False

Question 116

Question
Is the given statement true about HTTPOnly attribute “Specifies that cookie should be exposed via document cookie”?
Answer
  • True
  • False

Question 117

Question
Command injection is an attack in which the goal is execution of arbitrary commands on the host operating system via a vulnerable application
Answer
  • True
  • False

Question 118

Question
Intelligence Gathering involves relatively high amount of manual work
Answer
  • True
  • False

Question 119

Question
1Which functions are mostly vulnerable to stack overflow attacks
Answer
  • Strcat()
  • Strcpy()
  • Gets()
  • Scanf()

Question 120

Question
What will be result, if we ‘print “a”x300;’ for the given code? int main(int argc, char ** argv){ char buf[256]; strcpy(buf,argv[1]); printf(“%s\n”, buf); return 0;}
Answer
  • Error
  • 0
  • Ax300 times
  • Ax256 times, 0x44 times

Question 121

Question
The consequences of arbitrary code execution
Answer
  • a. Nothing happens
  • b. Can obtain administrative privileges
  • c. Privilege escalation
  • d. The attacker is able to take control of the execution flow of a program

Question 122

Question
What is a buffer
Answer
  • a. A situation where a running program attempts to write data outside the memory buffer which is not intended to store this data
  • b. A buffer is simply a contiguous block of computer memory that holds multiple instances of the same data type
  • c. Portion of the memory allocated for storage programs such as variables
  • d. The program that wants to overwrite the memory

Question 123

Question
Why does stack overflow attack occur?
Answer
  • a. Programmers can directly manipulate pointers
  • b. Memory accesses are checked
  • c. Memory accesses are not bounds-checked for validity
  • d. Programmers cannot directly manipulate pointers

Question 124

Question
When the stack overflow attack is introduced?
Answer
  • 1970
  • 1980
  • 1989
  • 1978

Question 125

Question
Which is not going to be randomized in ASLR
Answer
  • a. Library
  • b. Text
  • c. Heap
  • d. Stack

Question 126

Question
18. Which is going to be randomized in ASLR?
Answer
  • a. Library
  • d. Stack
  • b. Text
  • c. Heap

Question 127

Question
Why the stack canary is the effective of protecting from overflow attack?
Answer
  • a. Canary stack has to check variables
  • b. Stack canary might be reused
  • c. Stack canary is the constant value
  • d. Canary stack corrupts the executed code, then instruction will have an ability to set to the next

Question 128

Question
How many types of attack exist?
Answer
  • 2
  • 3
  • 4
  • 5

Question 129

Question
Define an active attack?
Answer
  • a. The attacker can monitor and can do recognition of the target
  • b. The Attacker attempts to alter system resources or destroy the data
  • c. The Attacker attempts to gain information from the system without destroying the information
  • d. The Attacker can change the data

Question 130

Question
Define a passive attack
Answer
  • a. The Attacker attempts to gain information from the system without destroying the information
  • b. The Attacker can change the data
  • d. The Attacker attempts to alter system resources or destroy the data
  • c. The attacker can monitor and can do recognition of the target

Question 131

Question
Which of the following attacks refer to the active attack?
Answer
  • a. Overflow
  • DoS
  • b. Man in the middle attack
  • c. Eavesdropping

Question 132

Question
Which of the following attacks refer to the passive attack?
Answer
  • a. Idle attack
  • b. Dos
  • Overflow
  • c. Port scanner

Question 133

Question
What kind of attack is given? You would like to send some requests to kaspi.kz, here an attacker forwards your request to fake kaspi.kz
Answer
  • a. Dos
  • b. Eavesdropping
  • Overflow
  • c. Address spoofing

Question 134

Question
What does an ARP Based filtering mean
Answer
  • a. Sniffing packets between two hosts on a switched network
  • b. Filtered packets by IP address
  • c. Sniffing packets from a user to all hosts
  • d. Filtered packets by MAC address

Question 135

Question
What does Public ARP Based filtering mean?
Answer
  • a. Sniffing packets from a user to all hosts
  • b. Sniffing packets between two hosts on a switched network
  • c. Filtered packets by IP address
  • d. Filtered packets by MAC address

Question 136

Question
Which of the following attacks refer to the passive attack?*
Answer
  • a. Dos
  • Overflow
  • Port Scanner
  • No answer

Question 137

Question
What are the most popular things attacker can do after exploiting stack vulnerability
Answer
  • a. Change the control flow of the program
  • c. Report the bug to a developer of the program
  • d. Overflows the stack to throw segmentation fault

Question 138

Question
Which of the following properties are requires in stack cookies?
Answer
  • a. No correct answer
  • b. Small domain
  • c. Sequence
  • d. Random

Question 139

Question
Which of the following is false about ASLR?
Answer
  • a. Requires program recompilation
  • b. Transparent to safe applications
  • c. Randomizing at process creation
  • d. Very little overhead

Question 140

Question
Which of the following does not refer to the consequences of arbitrary code execution
Answer
  • a. The attacker is able to take control of the execution flow of a program
  • b. Nothing happens
  • c. Can obtain administrative privileges
  • d. Privilege escalation

Question 141

Question
What are the most popular things attacker can do after exploiting stack vulnerability?
Answer
  • a. Inject a new functionality to the program
  • b. Overflows the stack to throw segmentation fault
  • c. No correct answer
  • d. Report the bug to a developer of the program

Question 142

Question
What are the most popular things attacker can do after exploiting stack vulnerability?
Answer
  • a. Inject a new functionality to the program
  • b. Overflows the stack to throw segmentation fault
  • c. No correct answer
  • d. Report the bug to a developer of the program
  • e. Rewrite the program variable values

Question 143

Question
Which of the following is not a way to protect the stack
Answer
  • a. Address Space Layout Randomization
  • b. Memory safe languages, such as Java, C
  • c. Using strcpy instead of strncpy
  • d. Non-executable Flag

Question 144

Question
Which of the following idea is false about stack cookies proposed by Cowan?
Answer
  • a. Before returning, check the value against the original
  • b. If there is a difference, assume something bad has happened and terminate
  • c. Guard sensitive data, including the saved IP, with copy of a secret value
  • d. If there is a difference, assume something good has happened and terminate

Question 145

Question
Disassembling is
Answer
  • a. All the above
  • b. Preserves a symbol table entry
  • d. The process of deallocating arguments on the stack none of the above
  • c. The process of recovering assembly from machine code

Question 146

Question
Define the given attack type Username = Emmanuel Passwords = 1234567, qwertz, asdfgh, abcd, .... [pet names], [birthdays], [car names], [dictionary]...
Answer
  • a. Session spotting
  • b. Replay attack
  • c. Brute force
  • d. Session fixation attack

Question 147

Question
What is Normal Brute Force attack?
Answer
  • c. For one username attackers test one password
  • d. For one password attackers test many user names
  • e. For one username attackers test many passwords
  • f. All the above mentioned

Question 148

Question
Define Reverse Brute Force
Answer
  • a. For one password attackers test many user names
  • b. All the above mentioned
  • c. For one username attackers test many passwords
  • d. For one username attackers test one password

Question 149

Question
Check OWASP vulnerabilities
Answer
  • a. Using Know Vulnerable Components
  • b. Missing Function Level Access Control
  • c. Security Misconfigurations
  • d. Password Management

Question 150

Question
OWASP is an open community dedicated to enabling organizations to develop, purchase, and maintain applications that can be trusted
Answer
  • True
  • False

Question 151

Question
Which of the following is true about the risks of Broken Authentication and Session Management?
Answer
  • a. Identity
  • b. Theft
  • c. None of them
  • d. Undermine authorization and accountability controls cause privacy violation

Question 152

Question
Which of the following is true about footprinting?
Answer
  • a. Less technical information, but important
  • b. Involves relatively high amount of manual work
  • c. Get as many plausible candidates as possible
  • d. NS (name server) / MX (mail exchange) records

Question 153

Question
Reconnaissance may start with just one piece of information
Answer
  • True
  • False

Question 154

Question
Which of the following approaches refer to Verification?
Answer
  • Application Fingerprinting
  • Ping Sweep
  • Port Scanning
  • OS Fingerprinting

Question 155

Question
Attacker creates a session on a web site -> Attacker sends this Session ID to the victim -> Targeted Web site receives the request from the victim
Answer
  • a. Brute Force Attack
  • b. Session Fixation Attack
  • c. Session Spotting
  • d. Replay Attack

Question 156

Question
Guessing a person username and password, credit-card number, cryptographic key refers to
Answer
  • a. Replay Attack
  • b. Brute Force Attack
  • c. Session Fixation Attack

Question 157

Question
1. What is verification phase in reconnaissance?
Answer
  • a. Check if the target candidates are actually alive and reachable
  • b. Find out more about structure of target
  • c. All the above mentioned
  • d. Find out individual computers of target

Question 158

Question
Which of the following is true about intelligence gathering objectives?
Answer
  • a. Checks if results are plausible test them
  • b. Less technical information, but important
  • c. Involves relatively high amount of manual work
  • d. Extends scope of security analysis, may reveal new parts of target
  • e. Gets as many plausible candidates as possible

Question 159

Question
Which of the following is the best of protecting from overflow attacks
Answer
  • a. Aslr
  • b. Write a code wo vulnerabilities
  • c. Stack canaries
  • d. Non executable code

Question 160

Question
What does this case mean? An attacker’s target should be accessible
Answer
  • a. Must be associated to target
  • b. All the above mentioned
  • c. Must be confidential
  • d. Must be able to attack it

Question 161

Question
What does this case mean? An attacker’s target should be relevant
Answer
  • a. Must be confidential
  • b. Must be associated to target
  • c. Must be able to attack it
  • d. All the above mentioned

Question 162

Question
Why stack overflow attack occurs here?
Answer
  • a. Strcpy() function does not perform a bounds check
  • b. Strcpy library is not included
  • c. Works correctly
  • d. To “source” variable copied more expected

Question 163

Question
What does it mean?
Answer
  • a. Buffer allocation
  • b. Return the value
  • c. Saves to rbx
  • d. Call the function

Question 164

Question
Which of the following vulnerabilities are NOT listed in OWASP Top 10? Choose all that apply.
Answer
  • Social Engineering
  • Cross-site scripting
  • Unvalidating Redirects and Forwards
  • Security Misconfiguration
  • Unvalidating password difficulty

Question 165

Question
What flaws arises from session tokens having poor randomness across a range of values?
Answer
  • e) Session Hijacking
  • d) Session Replay
  • c) Session Fixation
  • b) Insecure Direct Object References
  • a) Forwarding system functionality

Question 166

Question
Find the best countermeasures to solve an Insecure Direct Object Reference attack. Choose all that apply.
Answer
  • Properly validate cookie data, URL parameters, all HTML From data
  • Use reasonable session timeouts
  • Use secure randomly generated session keys to make prediction impossible
  • Architect your application to check if the data is encrypted with every request
  • Do not expose internals to the user

Question 167

Question
Define intelligent gathering
Answer
  • Find out more about structure of target
  • Find out individual computers of target
  • Involves relatively high amount of manual work
  • Check if target candidates are actual alive and reachable

Question 168

Question
Injection flaws occur when an application send trusted data to an compiler
Answer
  • True
  • False
Show full summary Hide full summary

Similar

Cyber Wellness Quiz
mycaleb
Tricky words: Set one
barrie edmonds
UAE Cyber Safety Law
Ahmad A
Present continuos tense
anama_gordillo
DELIVERING AT PACE
Natalie West
UNIT 1
missbotch
Cyber Security Management Qs
ben drury
Xtreme Ice (Cyber Range) Pitch Quiz
Jade Kennedy
ANTT
Gaffer Ji
Untitled
atanuroy505