Sec+ Domain 3.0 - Threats and Vulnerabilities

What type of fencing is needed to deter determined intruders?

8+ feet high with barbed wire

What is the difference between a virus and a worm?

A virus can replicate itself on a system but cannot spread to other systems without assistance. A worm does not require a host application to be transported but instead can propagate on its own.

What is the difference between polymorphic and metamorphic viruses?

Although both continually change their code, the functionality (payload) of the metamorphic virus actually changes whereas that of the polymorphic virus stays the same.

Relate session hijacking and cookies.

An attacker can hijack/reuse a magic cookie used to authenticate a user to a remote server.

Relate session hijacking to TCP sequence numbers.

An attacker can take control of an active TCP session by trying to correctly guess the next sequence number.

What log in Event Viewer contains events that are logged by applications?

Application Log

Explain the differences between black box, gray box, and white box penetration testing.

Black box: tester has no prior knowledge of the network; Gray box: tester knows what a user knows; White box: tester has admin access

What is the difference between code reviews and design reviews?

Code reviews focus on identifying insecure coding whereas design reviews determine how various parts of the system will interoperate.

What is a type of exploit of a website whereby unauthorized commands are transmitted from a trusted user?

Cross-site request forgery (XSRF)

What type of vulnerability enables attackers to inject client-side code into web pages viewed by other users?

Cross-site scripting (XSS)

What is the difference between enticement and entrapment with regard to honeypots?

Enticement is the legal use of a honeypot. Entrapment is illegal use.

What is a UDP variation of a Smurf attack?

Fraggle

What are five common types of spoofing?

IP address spoofing, MAC address spoofing, ARP cache poisoning, DNS cache poisoning, Web spoofing

What technique exploits web-based applications that construct LDAP statements based on user input?

LDAP injection

What are cookie-like data that a web site running Adobe Flash can place on your hard drive?

Locally Shared Objects (LSOs)

What is a common vulnerability scanner and port scanner?

Nessus

What is a common network mapper, vulnerability scanner, and port scanner?

Nmap

What is the XML standard for vulnerability testing assessments and reporting?

Open Vulnerability and Assessment Language (OVAL)

What is the main difference between qualitative and quantitative risk assessment?

Quantitative is based on risk calculations while qualitative is based on subjective ranking of risks.

Threat x Vulnerability x Cost of asset =

Risk

What technique is used to attack data-driven applications by inserting malicious statements into an entry field for execution?

SQL injection

What log in Event Viewer contains auditing and log-on information?

Security Log

What is a DDoS in which large numbers of ICMP packets with the intended victim's spoofed source IP are broadcast to a computer network using an IP Broadcast address?

Smurf attack

What log in Event Viewer contains information on system startup, service startup, time changes, and backups?

System Log

What specific logs does Event Viewer contain?

System Log, Security Log, and Application Log

What is the difference between transient and persistent cookies?

Transient cookies are active only during a browsing session. Persistent cookies store user identification info over an extended period.

What is the difference between vulnerability scanning and penetration testing?

Vulnerability scanning is a passive attempt to identify weaknesses whereas penetration testing is more thorough but more disruptive.

What is the difference between 'fail open' and 'fail closed'?

When an error/exception is encountered, a fail open system will allow access whereas a fail closed system will deny all access.

What are three common protocol analyzers?

Wireshark, Snort, and Kismet

What technique compromises the logic of an XML application or service?

XML injection

What is it called when attackers send packets to a victim with TCP headers that have the SYN, FIN, URG, and PSH flags set for whatever protocols are in use and observe how the victim responds?

Xmas tree attack

What type of virus makes itself difficult to detect or analyze because it contains protective code that stops debuggers from examining the code?

armored virus

What type of virus infects the master boot record (MBR) of a device?

boot sector virus

What is a common attack against Web servers in which more information is placed in a memory stack than it can hold?

buffer overflow

What is an attack in which dynamically generated content on a Web page is modified by entering HTML code into an input mechanism?

command injection

CCTV, facial recognition software, sign-in logs, and routine security audits are examples of what type of security controls?

detective security controls

What is the term for a device that, in the event of failure, responds in a way that will cause no harm to other devices or danger to personnel?

fail safe

What is the term for a system that is able to resort to a secure state when an error or security violation is encountered?

fail secure

What is the term for a system designed to shut down any nonessential components in the event of a failure, but keep the system and programs running on the computer?

fail soft

What is the process of discovering the underlying OS on a device?

fingerprinting

What is the process of accumulating data regarding a specific network environment, usually for purposes of finding methods of intrusion?

footprinting

What is included in the term 'security posture'?

initial baseline configuration, continuous security monitoring, and remediation

What type of virus infects and spreads in multiple ways?

multipartite virus

Cain & Abel, L0phtCrack, and John the Ripper are examples of what kind of software?

password crackers

How can a NIC be configured to capture all traffic on the network segment?

place it in promiscuous mode (wired) / monitor mode (wireless)

An access control system, an armed guard, a mantrap, and bollards are examples of what type of security controls?

preventive security controls

What tools are used in vulnerability scanning?

protocol analyzers, vulnerability scanners, port scanners, network mappers, password crackers

What type of MitM attack involves information (credentials) being captured over the network and then used to gain unauthorized access later?

replay attack

What type of virus is designed to avoid discovery by actively attacking the anti-virus programs attempting to detect it?

retrovirus

What is the term for a set of software tools that enable an unauthorized user to gain control of a computer system without being detected?

rootkit

Which is more secure: server-side or client-side input validation?

server-side input validation

What type of virus hides itself, copies information from uninfected data onto itself, and relays this to antivirus software during a scan?

stealth virus

What is the goal of directory traversal?

to access a file that is not intended to be accessible

What is it called when a hacker attacks a small supplier in order to gain access to a large company's network via an extranet?

transitive trust attack

What is the term for an application that checks computers and networks for weaknesses?

vulnerability scanner

What is it called when attackers identify and infect a website that is often visited by their targets?

watering hole attack

What do web client-side attacks target?

web browsers

