Common vulnerabilities quiz
A situation in which an application writes to or reads from an area of memory that it is not supposed to access is referred to as:
Buffer overflow
A collection of precompiled functions designed to be used by more than one Microsoft Windows application simultaneously to save system resources is known as:
DLL
Which of the terms listed below describes a type of attack that relies on executing a library of code?
DLL Injection
A predefined username/password on a brand new wireless router is an example of:
Default configuration
Which of the terms listed below refers to a software that no longer receives continuing support?
EOL
Which of the terms listed below describes a programming error where an application tries to store a numeric value in a variable that is too small to hold it?
Integer overflow
A situation in which an application fails to properly release memory allocated to it or continually requests more memory than it needs is called:
Memory leak
Which of the following terms describes an attempt to read a variable that stores a null value?
Pointer dereference
A malfunction in preprogrammed sequential access to a shared resource is described as:
Race condition
Which of the answers listed below describes the result of a successful DoS attack?
Resource exhaustion
What is the best countermeasure against social engineering?
User education
Zero-day attack exploits:
Vulnerability that is present in already released software but unknown to the software developer
An e-commerce store app running on an unpatched web server is an example of:
Vulnerable business process
After feeding an input form field with incorrect data, a hacker gets access to debugger info providing extensive description of the error. This situation is an example of:
improper error handling
A situation in which a web form field accepts data other than expected (e.g. server commands) is an example of:
improper input validation
Which of the following violates the principle of least privilege?
improperly configured accounts