CompTIA CySA+ CS0-003 Deck 9

Question 1

Output Encoding

Answer 1

Coding methods to sanitize output created from user input.

Question 2

Parameterized Queries

Answer 2

A technique that defends against SQL injection by incorporating placeholders in a SQL query.

Question 3

How is SSDLC different from SDLC?

Answer 3

SSDLC formally requires security considerations to be included in each phase of development.

Question 4

When an attacker chooses predetermined passwords and tries them for multiple user accounts, this is known as:

Answer 4

Password Spraying

Question 5

What type of attack is represented by the following?

%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2fetc/config

Answer 5

URL encoded directory traversal attack

Question 6

Buffer Overflow

Answer 6

An attack in which data goes past the boundary of the destination buffer and begins to corrupt adjacent memory. This can allow the attacker to crash the system or execute arbitrary code.

Question 7

Heap Overflow

Answer 7

A software vulnerability where input is allowed to overwrite memory locations within the area of a process’s memory allocation used to store dynamically sized variables.

Question 8

Integer Overflow

Answer 8

An attack in which a computed result is too large to fit in its assigned storage space, which may lead to crashing or data corruption, and may trigger a buffer overflow.

Question 9

(ASLR)

Answer 9

Address Space Layout Randomization

Question 10

(ASLR)

Answer 10

Address Space Layout Randomization

Question 11

(ASLR) Address Space Layout Randomization

Answer 11

A technique that randomizes where components in a running application are placed in memory to protect against buffer overflows.

Question 12

SQL injection

Answer 12

An attack that injects a database query into the input data directed at a server by accessing the client side of the application.

Question 13

Directory Traversal

Answer 13

An application attack that allows access to commands, files, and directories that may or may not be connected to the web document root directory.

Question 14

(XSS)

Answer 14

Cross-site Scripting

Question 15

(XSS) Cross-site Scripting

Answer 15

A malicious script hosted on the attacker’s site or coded in a link injected onto a trusted site designed to compromise clients browsing the trusted site, circumventing the browser’s security model of trusted zones.

Question 16

File Inclusion

Answer 16

A web application vulnerability that allows an attacker either to download a file from an arbitrary location on the host file system or to upload an executable or script file to open a backdoor.

Question 17

Cookie

Answer 17

A text file used to store information about a user when they visit a website. Some sites use cookies to support user sessions.

Question 18

Session Hijacking

Answer 18

A type of spoofing attack where the attacker disconnects a host then replaces it with his or her own machine, spoofing the original host’s IP address.

Question 19

(XSRF)

Answer 19

Cross-Site Request Forgery

Question 20

(XSRF) Cross-Site Request Forgery

Answer 20

A malicious script hosted on the attacker’s site that can exploit a session started on another site in the same browser.

Question 21

(SSRF)

Answer 21

Server-Side Request Forgery

Question 22

(SSRF) Server-Side Request Forgery

Answer 22

An attack where an attacker takes advantage of the trust established between the server and the resources it can access, including itself.

Question 23

What type of attack is represented by the following?
SELECT * FROM tbl_user WHERE username = ‘’ or 1=1–’ AND password ‘x’

Answer 23

SQL injection

Question 24

This type of XSS attack inserts the malicious code into the web application, oftentimes by putting the script syntax into a comment field used by the web application, so that the script runs for all future visitors.

Answer 24

Stored XSS

Question 25

This type of attack describes a web application vulnerability that allows an attacker to send unauthorized requests from a vulnerable web application to other internal or external systems.

Answer 25

SSRF

Question 26

This critical security measure is not available for end-of-life applications.

Answer 26

Security patching

Question 27

Implementing key management practices is associated with this control.

Answer 27

Encryption

Question 28

What is HTTP?

Answer 28

The Hypertext Transfer Protocol (HTTP) is the foundation of the World Wide Web, and is used to load webpages using hypertext links. HTTP is an application layer protocol designed to transfer information between networked devices and runs on top of other layers of the network protocol stack. A typical flow over HTTP involves a client machine making a request to a server, which then sends a response message.

Question 29

What is in an HTTP request?

Answer 29

1.) HTTP version type
2.) a URL
3.) an HTTP method
4.) HTTP request headers
5.) Optional HTTP body.

Question 30

What are HTTP request headers?

Answer 30

HTTP headers contain text information stored in key-value pairs, and they are included in every HTTP request (and response, more on that later).

Question 31

What’s are the HTTP status code?

Answer 31

1xx Informational
2xx Success
3xx Redirection
4xx Client Error
5xx Server Error

Question 32

Can DDoS attacks be launched over HTTP?

Answer 32

Keep in mind that HTTP is a “stateless” protocol, which means that each command runs independent of any other command. In the original spec, HTTP requests each created and closed a TCP connection. In newer versions of the HTTP protocol (HTTP 1.1 and above), persistent connection allows for multiple HTTP requests to pass over a persistent TCP connection, improving resource consumption. In the context of DoS or DDoS attacks, HTTP requests in large quantities can be used to mount an attack on a target device, and are considered part of application layer attacks or layer 7 attacks.

Question 33

What is TLS?

Answer 33

Transport Layer Security.

Question 34

What is Transport Layer Security (TLS)?

Answer 34

Transport Layer Security, or TLS, is a widely adopted security protocol designed to facilitate privacy and data security for communications over the Internet. A primary use case of TLS is encrypting the communication between web applications and servers, such as web browsers loading a website. TLS can also be used to encrypt other communications such as email, messaging, and voice over IP (VoIP). In this article we will focus on the role of TLS in web application security.

Question 35

What is SSL?

Answer 35

Secure Sockets Layer

Question 36

What is Secure Sockets Layer?

Answer 36

SSL, or Secure Sockets Layer, is an encryption-based Internet security protocol. It was first developed by Netscape in 1995 for the purpose of ensuring privacy, authentication, and data integrity in Internet communications. SSL is the predecessor to the modern TLS encryption used today.

A website that implements SSL/TLS has “HTTPS” in its URL instead of “HTTP.”