CompTIA Security+ Common Vulnerabilities Quiz

A collection of precompiled functions designed to be used by more than one Microsoft Windows application simultaneously to save system resources is known as:

DLL

Which of the terms listed below describes a type of attack that relies on executing a library of code?

DLL injection

Which of the terms listed below refers to software that no longer receives continuing support?

EOL

After feeding an input form field with incorrect data, a hacker gets access to debugger info providing extensive description of the error. This situation is an example of:

Improper error handling

A situation in which a web form field accepts data other than expected (e.g. server commands) is an example of:

Improper input validation

Which of the following violates the principle of least privilege?

Improperly configured accounts

An effective asset management process provides countermeasures against: (Select all that apply)

System sprawl; Undocumented assets; Architecture and design weaknesses

A zero-day attack exploits:

Vulnerability that is present in already released software but unknown to the software developer

A situation in which an application writes to an area of memory that it is not supposed to access is referred to as:

buffer overflow

A predefined username/password on a brand new wireless router is an example of:

default configuration

Which of the following factors pose the greatest risk for embedded systems? (Select 2 answers)

inadequate vendor support; Default configurations

Which of the terms listed below describes a programming error where an application tries to store a numeric value in a variable that is too small to hold it?

integer overflow

A situation in which an application fails to properly release memory allocated to it or continually requests more memory than it needs is called:

memory leak

Which of the following terms describes an attempt to read a variable that stores a null value?

pointer dereference

A malfunction in preprogrammed sequential access to a shared resource is described as:

race condition

Which of the answers listed below describes the result of a successful DoS attack?

resource exhaustion

(T/F) In the IT industry, the term "System sprawl" is used to describe one of the aspects of a poor asset management process.

true

(T/F) The purpose of a downgrade attack is to make a computer system fall back to a weaker security mode which makes the system more vulnerable to attacks.

true

What is the best countermeasure against social engineering?

user education

An e-commerce store app running on an unpatched web server is an example of:

vulnerable business process

