Chapter 6

Lakukan tugas rumah & ujian kamu dengan baik sekarang menggunakan Quizwiz!

Terry is investigating a security incident where the attacker entered a very long string into an input field, which was followed by a system command. What type of attack likely took place? Cross site request forgery Server siude request forgery Command injection Buffer overflow

Buffer overflow

Kim creates open-source software tools and wants to assure users that the code they received is authentic code provided by the author. What technique can Kim use to provide this assurance? Code signing Code endorsement Code encryption Code obfuscation

Code signing

Which of the following measures would database administrators consider to be the best defense against data exposure? Normalization Data minimization Tokenization Hashing

Data minimization

When making a change to a web application in use by an organization to fix a bug, the work should be completed in the _____________ environment. Test Development Stagin Production

Development

Taylor is designing a pentest platform that needs to be able to expand and contract as needs change. Which of the following terms describes Taylor's goal? Elasticity Scalability Agility Cost effectiveness

Elasticity

Morgan is testing software by sending invalid and even random data to the application. What type of code testing is Morgan conducting? Mutation testing Static code analysis Dynamic ocde analysis Fuzzing

Fuzzing

Jen is engaged in a penetration test and wishes to eavesdrop on communications between a user and a web server. What type of attack would Jen likely use? Man in the middle Session hijacking Buffer overflow Meet in the middle

Main in the middle

Precompiled SQL statements that only require variables to be input are an example of what type of application security control? Parameterized queries Encoding Data Input validation Appropriate access controls

Parameterized queries

The phases of the software development life cycle in order are: Planning , Requirements , Design , Coding , Testing , Training and Transition , and Ongoing Operations and Maintenance . What is the order they go in?

Planning -> Requirements -> Design -> Coding -> testing -> Training and Transition -> Ongoing Opeartions and Maintenance

Sam is conducting a penetration test in preparation for an external pentest engagement. Sam attempts a session hijacking attack which will require a __________ to be successful. Sessiong ticket Session cookie Username User password

Session cookie

Lihat semua set pelajaran

Chapter 6

Set pelajaran terkait

Mobile

Ricci Chapter 51 PrepU (Shock Only)

BIO 201 TEST 2 PRACTICE QUESTIONS

Intelligence/Emotional Intelligence

CS180 Chapter 1 Quiz Questions

MKTG 323 chapter 1 Blair Banker

Business Law Quiz 1

Part 3: Research for Personal Budgeting

Med/surg exam 3

Chapter 2 - Organizational Behavior

Chapter 14 Quiz

E & M Exam #1

Stars and Constellations Study guide

KIN 371 QUIZ questions and answers

Manifest Destiny Terms

Chapt 9 - Fin 351

ENGR 4220 - Project Management

chapter 34 & 35 exam

Business Final Exam

Psych Midterm