Exam #2 Comp & Network Tech

A technology that developers can use to display HTML documents to users on the fly

ASP

Network of robot computers?

Botnet

The interface that determines how a Web server passes data to a Web browser

CGI

The analysis of a running application for vulnerabilities Correct!

DAST

An attack that prevents legitimate users from accessing network resources

DoS

Ability to vary the information that is displayed on the Web page

Dynamic web page

A DDoS attack is launched against a host from a single server or workstation.

False

A user can view the source code of a PHP file by using their Web browser's tools.

False

JavaScript is a server-side scripting language that is embedded in an HTML Web page.

False

Malware programs cannot be detected by antivirus programs.

False

Attackers inject themselves between two parties or systems communicating with one another

Man in the middle

Standard database access method developed by the SQL Access Group and allows interoperability between back-end DBMSs

ODBC

Open-source server-side scripting language that runs on a server and enables Web developers to create dynamic Web pages

PHP

An attack that uses a large ICMP packet to causes the victim computer to freeze and malfunction

Ping of Death

Analysis of an application's source code for vulnerabilities

SAST

The attacker supplies SQL commands when prompted to fill in a Web application field

SQLi

Displays the same information on the Web page regardless of who accesses the page

Static web page

A program that disguises itself as a useful program and can install a backdoor or rootkit on a computer

Trojan

CGI programs can be written in many different programming and scripting languages, such as C/C++, Perl, UNIX shells, Visual Basic, and FORTRAN.

True

In a buffer overflow attack, an attacker finds a vulnerability in poorly written code that doesn't check for a defined amount of memory space use.

True

Malware is malicious software, such as a virus, worm, or Trojan program, introduced into a network

True

OLE DB relies on connection strings that enable the application to access the data stored on an external device.

True

Web applications written in CFML can also contain other client-side technologies, such as HTML and JavaScript.

True

Whitelisting allows only approved programs to run on a computer

True

Hardware devices or software that can be used to capture keystrokes on a computer

keyloggers

Malicious software introduced into a network to help an attacker accomplish their goals

malware

Virus that locks a target system until a demanded fee is paid

ransomware

A program that usually hides in the OS tools, so it's almost impossible to detect

rootkit

A pointer to the physical directory

virtual directory

Malicious program that attaches itself to a file or another program

virus