Ethical Hacking final part 3

Réussis tes devoirs et examens dès maintenant avec Quizwiz!

SMB is used to share files and usually runs on top of NetBios, netBEUI, or which of the following?

TCP/IP

Which of the following cross-site scripting vulnerabilities types is especially harmful because it can be delivered to subsequent users of the application?

reflected,injected,Stored

What programing languages are vulnerable to buffer overflow attacks?

C and C++

Which standarized remote file system protocol replaced SMB in Windows 2000 server and later

Common internet file system

Microsoft Baseline security Analyzer has its orgins in which of the following command line scanners?

HPNETChk

What is the current file system that windows utilizes that has strong security features?

NTFS

Which of the following is a window's client/server technology designed to manage patching and updating system software from the network?

WSUS

Which of teh following if often found within an embedded OS that can a potential vulnerability to an attack?

Web server

A user can view the source code of PHP file by using their Web browser's tool

false

What is the specfic act filtering, rejecting, or santizing a user's untrusted input before the application process it?

input validation

What is the most seious shortcoming of Microsoft's orginal File Allocation Table (FAT) file system?

no ACL support

Embedded OSs are usually designed to be smalll and efficient so they do not have some of the function that general - purpose OSs have

true

OLE DB relies on connection strings that enable the application to access that data stored on an external device

true

Rootkits containing Trojan binary programs that are ready to install are more dangerous than typical Trojan programs

true

Which of the following source code is now available to the public and was considered a trimmed down version of the Windows desktop OS?

windows ce

Which of the following is a programming interface for connection a Web application to a database and defines technologies that allow application such as Word or Excel, to interact with the Web?

ADO

Which of the following is an alternative term used when refering to Application Security

AppSec

What type of malicious code could be installed in a system's flash memory to allow an attacker t access they system at a later date?

BIOS-based rootkid

Adobe System's ColdFUsion uses its proprietary tags, which are written in which of the following languages?

CFML

Which of the following results from poorly configured technologies that a Web application runs on top of?

Security misconfigurations

Ubuntu and Debian Linux use what command to update and manage their RPM packages?

apt-get

What is the specific act of checking user's privilages to understand if they should or should not have access to a page, field, resource, or action in an application?

authroization

Which of the following refers to the flow a user in expected to follow is an application to accomplish a goal?

business logic

To check whether a CGI program works, you can test the Url in your WEb browser. Which of the following directories should you should you save the program to on you Web server before you check the URL in your Web browser?

cgi-bin

JavaScript is a server-side scriptign language that is embedded in an html Web page

false

Samba is proprietary implementation of CIFS

false

What critical component of any OS that can be can be vulnerable to attacks is used to store and manage information?

file System

Which of the following is considered to be the most critical SQL vulnerability?

null SA password

Which type of vulnerabilites can result from a server accepting untrusted, unvaildated input?

redirection, spoofing, injection

Which one of the following, if compromised might allow attackers the ability to gain complete access to network resources?

router

Which of the following is an open-source implementation of CIFS?

samba

CGI programs can be written in many different programming and scripting languages, such as C/C++ , Perl, UNIX shells, Visual Basic and FORTRAN

true

Windows Software Update Services is designed to manager patching and updating system software from the network

true

What type of useful tools can a security tester find available in both Firefox and Chrome Web browser?

Developer tools

Which of the followign interfaces is a standard database access method, developed by SQl, Acess Group , that allows an application to access data stored in a database managment system(DBMS)?

OLE,ODBC,ADO

Which of the following programming languages was originally used primarily on UNIX SYstem, but is more widely now on many platforms such as Macintosh and windwos?

JScript,VBScript,PHP

What type of viruses and code has been created by security researchers and attackers that could infect phones running google's Android, windows mobile and the apple iPhone OS?

Java-based

A device that performs more than one function, such as printing and faxing is called which of the following?

MFD

Which of the following is an SELinux os security mechanism that enforces access rules based on privileges for interactions between process, files and users?

Mandatory Access control

Which of the following protocols does NetBios use to access a network resources

NBT,TCP/IP,NetBeui


Ensembles d'études connexes

ATI Clinical Judgement Process Test

View Set

Chapter 1: Intro to Accounting and Business

View Set

Data Structure and Algorithm Quiz 1 Review

View Set

HEY - Unit 1 - p. 18-29 (partial)

View Set

CH 31: Assessment of Immune Function

View Set