Chapter 7 - Protecting Against Advanced Attacks

Réussis tes devoirs et examens dès maintenant avec Quizwiz!

And IDS has sent multiple alerts in response to increased traffic. Upon investigation, you realize it is due to a spike in network traffic from several sources. Assuming this is malicious, which of the following is the MOST likely explanation?

A DDoS attack

Your SIEM sent you an alert after detecting the following script was run on a system within your network. invoke-command { $a = net localgroup administrators | where {$_-AND $_ -notmatch "command completed"} | select -skip 4 } Which BEST describes this script?

A PowerShell script to list local administrators

You are examining logs generated by an online web application. You notice that the following phrase is appearing in several queries: 'or'1'='1';-- Which of the following is the MOST likely explanation for this?

A SQL injection attack

While reviewing logs for a web application, a security analyst notices that it has crashed several times, reporting a memory error. Shortly after it crashes, the logs show malicious code that isn't part of a known application. Which of the following is MOST likely occurring?

Buffer overflow

Developers in the YCDA organization have created an application that users can download and install on their computers. Management wants to provide users with a reliable method of verifying that the application has not been modified after YCDA released it. Which of the following methods provides the BEST solution?

Code signing

Your organization has created a web application that will go live after testing is complete. An application tester sees the following URL: https://gcgapremium.com/info.php?sessionID=10123&acct=homer. The tester resends the following URL to the website: https://gcgapremium.com/info.php?sessionID=32101&acct=homer. Which of the following attacks is the tester checking?

Cross-site request forgery

Homer complains that his system started acting erratically today. You discover that malware infected his system, but you discover he didn't open any email during the day. He mentions that he has been browsing the Internet all day. Which of the following could you check to see where the malware MOST likely originated?

DNS server logs

Web developers are implementing error handling in a database application accessed by a web server. Which of the following would be the BEST way to implement this?

Display a generic error message but log detailed information on the error

Your organization is preparing to deploy a web-based application, which will accept user input. Which of the following will BEST test the reliability of this application to maintain availability and data integrity?

Dynamic code analysis

Database administrators have created a database used by a web application. However, testing shows that application queries against the database take a significant amount of time. Which of the following actions is MOST likely to improve the overall performance of the database?

Normalization

While investigating performance issues on a web server, you verified that the CPU usage was about 10 percent five minutes ago. However, it now shows that CPU usage has been averaging over 98 percent for the last two minutes. Which of the following BEST describes what this web server is experiencing?

Resource exhaustion

Looking at logs for an online web application, you see that someone has entered the following phrase into several queries: 'or '1'='1'-- Which of the following is the MOST likely explanation for this?

Stored procedures

A web developer is adding input validation techniques to a web site application. Which of the following should the developer implement during this process?

Validation on the server-side

Several developers in your organization are working on a software development project. Recently, Bart made an unauthorized change to the code that effectively broke several modules. Unfortunately, there isn't any record of who made the change or details of the change. Management wants to ensure it is easy to identify who makes any changes in the future. Which of the following provides the BEST solution for this need?

Version control


Ensembles d'études connexes

Mr. McCabe-Point-Slope Form of a Line

View Set

MKT494: Data Driven Marketing Final

View Set

Module 9 - Concept and Knowledge Representation

View Set