Network and Defense Exam 3 Ch. 8-10
Which one of the following, if compromised might allow attackers the ability to gain complete access to network resources?
rootkit
Which of the following is a programming interface for connecting a Web application to a database and defines technologies that allow applications, such as Word or Excel, to interact with the Web?
SQL not
Which of the following is considered to be the most critical SQL vulnerability?
SQL password?? null SA hash??
What specific type of Windows Servers are used to authenticate user accounts and contain most of the information that attackers want to access?
domain controllers
Rootkits that pose the biggest threat to any OS are those that infect what part of the targeted device?
firmware
Which specific type of tag do All CFML tags begin with?
% ??
What is the current file system that Windows utilizes that has strong security features?
ADS not
A user can view the source code of a PHP file by using their Web browser's tools. True or Flase
False ???
What critical component of any OS, that can be can be vulnerable to attacks, is used to store and manage information?
File System
Which of the following systems should be used when equipment monitoring and automation is critical?
GUI ????!!!!
Microsoft Baseline Security Analyzer has its origins in which of the following command line scanners?
HFNetChk
Which of the following cross-site scripting vulnerabilities types relies on social engineering to trick a user into visiting a maliciously crafted link or URL?
Injecting not unvalidated
Which of the following is an interprocess communication mechanism that allows a program running on one host to run code on a remote host?
RPC
When using the Common Internet File System (CIFS), which security model does not require a password to be set for the file share?
Share-level security
SMB is used to share files and usually runs on top of NetBIOS, NetBEUI, or which of the following?
TCP/IP
Windows 10, Windows 8, Windows Server 2016, and Windows Server 2012 have most services and features enabled by default. True or Flase
True
Which of the following is a Window's client/server technology designed to manage patching and updating systems software from the network?
WSUS
What type of useful tools can a security tester find available in both Firefox and Chrome Web browsers?
security tools
Connecting to an MS SQL Server database with Microsoft's Object Linking and Embedding Database (OLE DB) requires using which of the following providers?
ADSDSOOBJECT not
What programming languages are vulnerable to buffer overflow attacks?
C and C++
Which of the following programming languages was originally used primarily on UNIX systems, but is used more widely now on many platforms, such as Macintosh and Windows?
JScript ??
Which of the following is a common Linux rootkit?
Linux Rootkit 5 not
Which of the following protocols does NetBios use to access a network resource?
NETBUI
What is the current file system that Windows utilizes that has strong security features?
NTFS
Which of the following source code is now available to the public and was considered a trimmed down version of the Windows desktop OS?
Windows CE
What type of viruses and code has been created by security researchers and attackers that could infect phones running Google's Android, Windows Mobile, and the Apple iPhone OS?
C++
Which of the following cross-site scripting vulnerabilities types is especially harmful because it can be delivered to subsequent users of the application?
Injecting not
Which of the following resources is an excellent starting point for security professionals when investigating VBScript vulnerabilities?
Microsoft Security Bulletin
Which of the following interfaces is a standard database access method, developed by SQL Access Group, that allows an application to access data stored in a database management system (DBMS)?
ODBA
Ubuntu and Debian Linux use what command to update and manage their RPM packages?
dir not
What is the most serious shortcoming of Microsoft's original File Allocation Table (FAT) file system?
no ACL support
Which standardized remote file system protocol replaced SMB in Windows 2000 Server and later?
not Common Internet file system
Which of the following is an alternative term used when referring to Application Security?
not SecAPP ???
Windows Software Update Services (WSUS) is designed to manage patching and updating system software from the network. True or false
true
Which of the following if often found within an embedded OS that can cause a potential vulnerability to an attack?
vulnerability ??
