ITN 260- Chapter 3

¡Supera tus tareas y exámenes ahora con Quizwiz!

A web browser makes a request for a web page using the ________________.

Hypertext Transfer Protocol (HTTP)

A TCP/IP communication begins with a control message, known as a ________________, to initialize the connection.

SYN

The default root directory of the Microsoft Internet Information Services (IIS) Web server is located at which directory below?

C:\Inetpub\ wwwroot

When TCP/IP was developed, the host table concept was expanded into a hierarchical name system for matching computer names and numbers using this service:

DNS

XSS attacks occur when an attacker takes advantage of web applications that accept user input without validating it and then present it back to the user.

True

Select below the string of characters that can be used to traverse up one directory level from the root directory:

../

A- An attack that uses the Internet Control Message Protocol (ICMP) to flood a victim with packets. B- Injecting and executing commands to execute on a server C- An attack that corrupts the ARP cache D- A form of verification used when accessing a secure web application E- An attack that occurs when a process attempts to store data in RAM beyond the boundaries of a fixed-length storage buffer F- An attack that broadcasts a ping request to computers yet changes the address so that all responses are sent to the victim. G- Another name for locally shared object (LSO) H- Part of the TCP/IP protocol for determining the MAC address based on the IP address. I- An attack that substitutes DNS addresses so that the computer is automatically redirected to an attacker's device. J- An attack that injects scripts into a web application server to direct attacks at clients.

A- Ping Flood B- Command Injection C- ARP Poisoning D- Session Token E- Buffer Overflow Attack F- Smurf Attack G- Flash Cookie H- Address Resolution Protocol (ARP) I- DNS Poisoning J- Cross-site scripting (XSS)

The predecessor to today's Internet was a network known as ____________________.

ARPAnet

How can an attacker substitute a DNS address so that a computer is automatically redirected to another device?

DNS poisoning

A user has become compromised as a result of visiting a specific web page, without clicking on any kind of content. What type of attack has occurred?

Drive-by-Download

Because of the minor role it plays, DNS is never the focus of attacks.

False

Because the XSS is a widely known attack, the number of Web sites that are vulnerable is very small.

False

What language below is designed to display data, with a primary focus on how the data looks?

HTML

What portion of the HTTP packet consists of fields that contain information about the characteristics of the data being transmitted?

HTTP header

On a compromised computer, you have found that a user without administrative privileges was able to perform a task limited to only administrative accounts. What type of exploit has occurred?

Privilege Escalation

Which type of attack below is similar to a passive man-in-the-middle attack?

Replay

To what specific directory are users generally restricted to on a web server?

Root

Attacks that take place against web based services are considered to be what type of attack?

Server-side

An attack in which the attacker attempts to impersonate the user by using his or her session token is known as:

Session Hijacking

HTML uses which option below within embedded brackets (< >) causing a web browser to display text in a specific format?

ITN 260- Chapter 3

Conjuntos de estudio relacionados

Pols

Tableau Desktop Certification Practice Exam 3

Biology Chapters 4, 14, and 15

physics chapter 14 test review

Pharmacological & Parental Therapies

FIN 350 CH 7 HW

OPER 3600 Exam #1

A&P 1 Chapter 10 Quiz 1

Marketing DSM Chapter 4

ATI: Management Final

IST 5520 Exam 1

Contracts Semester 1

Tax Accounting - Chapter 6

5b

Chapter 9 Financial Accounting

multipulcation

CompTIA A+ Exam 220-1001 - Network Protocols

History Test

APUSH - Chapter 16

Health Insurance Ch. 1 Review