CompTIA Security+ Exam SY0-501 Common Vulnerabilities

¡Supera tus tareas y exámenes ahora con Quizwiz!

A situation in which an application writes to or reads from an area of memory that it is not supposed to access is referred to as:

• Buffer overflow

A collection of precompiled functions designed to be used by more than one Microsoft Windows application simultaneously to save system resources is known as:

• DLL

Which of the terms listed below describes a type of attack that relies on executing a library of code?

• DLL injection

A predefined username/password on a brand new wireless router is an example of:

• Default configuration

Which of the terms listed below refers to a software that no longer receives continuing support?

• EOL

After feeding an input form field with incorrect data, a hacker gets access to debugger info providing extensive description of the error. This situation is an example of:

• Improper error handling

A situation in which a web form field accepts data other than expected (e.g. server commands) is an example of:

• Improper input validation

Which of the following violates the principle of least privilege?

• Improperly configured accounts

Which of the following factors pose the greatest risk for embedded systems? (Select 2 answers)

• Inadequate vendor support • Default configurations • Improper input handling

Which of the terms listed below describes a programming error where an application tries to store a numeric value in a variable that is too small to hold it?

• Integer overflow

A situation in which an application fails to properly release memory allocated to it or continually requests more memory than it needs is called:

• Memory leak

Which of the following terms describes an attempt to read a variable that stores a null value?

• Pointer dereference

A malfunction in preprogrammed sequential access to a shared resource is described as:

• Race condition

Which of the answers listed below describes the result of a successful DoS attack?

• Resource exhaustion

An effective asset management process provides countermeasures against: (Select all that apply)

• System sprawl • Undocumented assets • Architecture and design weaknesses

In the IT industry, the term "System sprawl" is used to describe poor hardware resource utilization.

• True

The purpose of a downgrade attack is to make a computer system fall back to a weaker security mode which makes the system more vulnerable to attacks.

• True

What is the best countermeasure against social engineering?

• User education

Zero-day attack exploits:

• Vulnerability that is present in already released software but unknown to the software developer

An e-commerce store app running on an unpatched web server is an example of:

• Vulnerable business process


Conjuntos de estudio relacionados

Health Assessment - Prepu Cha. 24

View Set

Chapter 16: Publicity: Promotion Using Earned Media, Owned Media, and Social Media

View Set

Maternity Prep U Practice -Postpartum & Pregnancy Complications

View Set

Macroeconomics Chapter 11 practice/review Part 2

View Set