CompTIA Security+ Common Vulnerabilities Quiz

Ace your homework & exams now with Quizwiz!

A collection of precompiled functions designed to be used by more than one Microsoft Windows application simultaneously to save system resources is known as:

DLL

Which of the terms listed below describes a type of attack that relies on executing a library of code?

DLL injection

Which of the terms listed below refers to a software that no longer receives continuing support?

EOL

After feeding an input form field with incorrect data, a hacker gets access to debugger info providing extensive description of the error. This situation is an example of:

Improper error handling

A situation in which a web form field accepts data other than expected (e.g. server commands) is an example of:

Improper input validation

Which of the following violates the principle of least privilege?

Improperly configured accounts

An effective asset management process provides countermeasures against: (Select all that apply)

System sprawl; Undocumented assets; Architecture and design weaknesses

Zero-day attack exploits:

Vulnerability that is present in already released software but unknown to the software developer

A situation in which an application writes to an area of memory that it is not supposed to access is referred to as:

buffer overflow

A predefined username/password on a brand new wireless router is an example of:

default configuration

Which of the following factors pose the greatest risk for embedded systems? (Select 2 answers)

inadequate vendor support; Default configurations

Which of the terms listed below describes a programming error where an application tries to store a numeric value in a variable that is too small to hold it?

integer overflow

A situation in which an application fails to properly release memory allocated to it or continually requests more memory than it needs is called:

memory leak

Which of the following terms describes an attempt to read a variable that stores a null value?

pointer dereference

A malfunction in preprogrammed sequential access to a shared resource is described as:

race condition

Which of the answers listed below describes the result of a successful DoS attack?

resource exhaustion

(T/F) In the IT industry, the term "System sprawl" is used to describe one of the aspects of poor asset management process.

true

(T/F) The purpose of a downgrade attack is to make a computer system fall back to a weaker security mode which makes the system more vulnerable to attacks.

true

What is the best countermeasure against social engineering?

user education

An e-commerce store app running on an unpatched web server is an example of:

vulnerable business process


Related study sets

Assessment of Respiratory Function

View Set

Translation and Post Translational Modification

View Set

Ch.18 Michigan Laws and Rules Pertinent to Insurance

View Set

Chapter 43: Management of Patients With Musculoskeletal Trauma

View Set

Factors and Multiples Pre-Test and Quiz

View Set