Chapter 7

Question 1

What is spoofing?

Answer 1

Change data to impersonate another system or person. MAC spoofing attacks change the source MAC address and IP spoofing attacks change the source IP address.

Question 2

What is SYN Flood Attacks?

Answer 2

It is a common attack used against servers on the Internet. They are easy for attackers to launch, difficult to stop, and can cause significant problems because it can disrupt TCP handshake process and prevent legitimate clients from connecting.

Question 3

What is MITM?

Answer 3

Man in the middle attack is a form of active interception or active eavesdropping. It uses a separate computer that accepts traffic from each party in a conversation and forwards the traffic between the two.

Question 4

What is ARP poisoning?

Answer 4

Attack that misleads computers or switches about the actual MAC address of a system. The MAC address is the physical address, or hardware address, assigned to NIC. ARP resolves the IP addresses of systems to their hardware address and stores the result in an area of memory known as ARP cache.

Question 5

What is DNS poisoning?

Answer 5

Attempts to modify or corrupt DNS results. A successful DNS poisoning attack can modify the IP address associated with a domain name and replace it with the IP address of a malicious web site.

Question 6

What is a pharming attack?

Answer 6

A type of attack that manipulates the DNS name resolution process. It tries to corrupt DNS server or the DNS client. A successful farming attack redirects a user to a different web site.

Question 7

What is amplification attack?

Answer 7

It is a type of DDoS attack. It typically uses a method that significantly increases the amount of traffic sent to, or requested from, a victim.

• A ping is normally unicast
• Smurf attack sends the ping out as a broadcast.
• Smurf attack spoofs the source IP

Question 8

What is brute force attack?

Answer 8

It is the attempt to guess all possible character combinations either online or offline.

• Online password attack attempts to discover a password from an online system.
• Offline password attacks attempt to discover passwords from a captured database or captured packet scan.

Question 9

What is a dictionary attack?

Answer 9

Uses dictionary of words and attempts every word in the dictionary to see if it works.

Question 10

What are password hash attacks?

Answer 10

Attacking the hash of a password to figure out the password.

Question 11

What is a Pass the hash attack?

Answer 11

When the attacker discovers the hash of the user’s password and uses it to log on to the system as the user. Any authentication protocol that passes the hash over the network in an unencrypted format is susceptible to this attack.

Question 12

What is birthday attack?

Answer 12

An attacker creates a password that produces the same hash as the user’s actual password and takes advantage of hash collision which occurs when hashing algorithm creates the same hash from different passwords.

Question 13

What is rainbow table attacks?

Answer 13

Type of attack that attempts to discover the password from the hash.

Question 14

What is a salt?

Answer 14

It is a set of random data such as two additional characters.

Question 15

What is replay attacks?

Answer 15

Attacker replays data that was already part of a communication session. A third party attempts to impersonate a client that is involved in the original session. This can occur on both wired and wireless networks.

Question 16

What is known plaintext attacks?

Answer 16

An attacker can launch a known plaintext attack if there is samples of both the plaintext and cipher text.

Question 17

What is typo squatting?

Answer 17

Occurs when someone buys a domain name that is close to a legitimate domain name and when someone auto completes or type the name wrong they will be lead to the malicious website.

Question 18

What is clickjacking?

Answer 18

Tricks users into clicking something other than what they think they’re clicking.

Question 19

What is session hijacking?

Answer 19

It takes advantage of session IDs stored in cookies. When a user logs on to a website, the website often returns a small text file with a session ID.
The attacker uses the user’s session ID to impersonate the user. The web server doesn’t know the difference between the original user and the attacker because it is only identifying the user based on session ID.

Question 20

What is domain hijacking?

Answer 20

An attacker changes the registration of a domain name without permission from the owner.

Question 21

What is man in the browser attack?

Answer 21

It is a type of proxy Trojan horse that infects vulnerable web browsers. Successful man-in-the-browser attacks can capture browser session data.

Question 22

What is shimming?

Answer 22

Provides a solution that makes it appear older drivers are compatible.

Question 23

What is refactoring code?

Answer 23

It is the process of rewriting the internal processing of the code without changing its external behavior.

Question 24

What is zero-day vulnerability?

Answer 24

It is a weakness or bug that is unknown to trusted sources such as operating system and antivirus vendors.

Question 25

What is a memory leak?

Answer 25

It is a bug in a computer application that causes the application to consume more and more memory the longer it runs.

Question 26

What is integer overflow?

Answer 26

It attack attempts to use or create a numeric value that is too big for an application to handle. The result is the application give inaccurate results.

Question 27

What is a buffer overflow?

Answer 27

When an application receives more input, or different input than it expects. The result is an error that exposes system memory that would otherwise be protected and inaccessible.
Buffer overflow allows access to memory locations beyond application’s buffer.

Question 28

What is pointer dereference?

Answer 28

It is the process of using the pointer to access the data array.

Question 29

What is DLL injection?

Answer 29

Dynamic Link Library is a compiled set of code that an application can use without re-creating the code. DLL injection is an attack that injects a DLL into a system’s memory and causes it to run.

Question 30

What is input validation?

Answer 30

It is the practice of checking data for validity before using it. It prevents attacker from sending malicious code that an application will use by either sanitizing the input to remove malicious code or rejecting the input.

Question 31

What is the proper input validation?

Answer 31

Verifying proper characters, implementing boundary or range checking, blocking HTML code, and preventing the use of certain characters.

Question 32

What is race condition?

Answer 32

When two or more modules of an application or two or more applications, attempt to access a resource at the same time, it can cause a conflict.

Question 33

What is error-handling?

Answer 33

Ensure that an application can handle an error gracefully.

Errors to users should be general, and detailed information should be logged.

Question 34

What is code signing?

Answer 34

It is the process that provides a digital signature for the code and certificate includes a hash of the code.

Question 35

What is dead code?

Answer 35

Code that is never executed or used.

Question 36

What is obfuscation?

Answer 36

Attempts to make something unclear or difficult to understand. It rename variables, replace numbers with expressions, replace strings of characters with hexadecimal codes, and remove comments.

Question 37

What are common methods of testing code?

Answer 37

Static code analyzers, dynamic analysis, sandboxing, and model verification.

Question 38

What is static code analyzers?

Answer 38

Examines the code without executing it.

Question 39

What is dynamic analysis?

Answer 39

Checks the code as it is running. A common method is to use fuzzing which uses a computer program to send random data to an application.

Question 40

What is stress testing?

Answer 40

Attempts to simulate a live environment and determine how effective or efficient an application operates with a load.

Question 41

What is sandboxing?

Answer 41

Sandbox is an isolated area used for testing programs.

Question 42

What is model verification?

Answer 42

Process of ensuring that software meets specifications and fulfills its intended purposes.

Question 43

What is the waterfall model?

Answer 43

Each stage of waterfall feeds the next stage and some stages are requirements, design, implementation, verification, and maintenance.

Question 44

What is secure DevOps?

Answer 44

It is a software development process that includes extensive communication between software developers and operations personnel.

Question 45

What is security automation?

Answer 45

Automated tests to check code.

Question 46

What is continuous integration?

Answer 46

It is the process of merging code changes into a central repository. The software is then built and tested from this central repository.

Question 47

What is baselining?

Answer 47

Applying changes to the baseline code every day and building the code from these changes.

Question 48

Immutable systems?

Answer 48

It cannot be changed.

Question 49

What is infrastructure as code?

Answer 49

Managing and provisioning data centers with code that defines virtual machines (VMs).

Question 50

What is change management?

Answer 50

Helps ensure that developers do not make unauthorized changes.

Question 51

What is version control?

Answer 51

Tracks the versions of software as it is updated, including who made the update and when.

Question 52

What are the two primary applications used for web servers?

Answer 52

Apache, and Internet Information Services (IIS)

Question 53

What is normalization?

Answer 53

Database refers to organizing the tables and columns to reduce redundant data and improve overall database performance.

Question 54

What criteria does a database needs to meet to be 1NF?

Answer 54

First normal form

• Each row within a table is unique and identified with a primary key.
• Related data is contained in a separate table.
• None of the columns include repeating groups.

Question 55

What is 2NF?

Answer 55

Second normal form only applies to tables that have a composite primary key where two or more columns make up the full primary key.

Question 56

What criteria does a database needs to meet to be 2NF?

Answer 56

• It is 1NF

- Non-primary key attributes are completely dependent on the composite primary key.

Question 57

What does 3NF helps?

Answer 57

Third normal form helps eliminate unnecessary redundancies within a database.

Question 58

What criteria does a database needs to meet to be 3NF?

Answer 58

• It is 2NF
• All columns that aren’t primary keys are only dependent on the primary key. None of the columns in the table are dependent on non-primary key attributes.

Question 59

How does attackers use SQL injection?

Answer 59

Pass queries to back-end databases through web servers.

Question 60

What is stored procedures?

Answer 60

A group of SQL statements that execute as a whole, similar to a mini-program. A parameterized stored procedure accepts data as an input called a parameter.

Question 61

What are common injection attacks?

Answer 61

Attackers inject operating system commands into an application using web page forms or text boxes.

Question 62

What is cross-site scripting (XSS)?

Answer 62

It is another web application vulnerability that can be prevented with input validation techniques. Attackers embed malicious HTML or JavaScript code into a web site’s code.

Question 63

What is cross-site request forgery (XSRF)?

Answer 63

Attack where an attacker tricks a user into performing an action on a web site. The attacker creates a specially crafted HTML link and the user performs the action without realizing it.

Question 64

What is framework?

Answer 64

It is a structure used to provide a foundation. Generic categories of frameworks are regulatory, non-regulatory, national versus international, and industry-specific.

Question 65

What is the regulatory framework?

Answer 65

It is based on relevant laws and regulations.

Question 66

What is non-regulatory framework?

Answer 66

It is not required by any law. It identifies common standards and best practices that organizations can follow.

Question 67

What is national versus international?

Answer 67

Used within a single country, while others are used internationally.

Question 68

What is industry-specific?

Answer 68

Frameworks only apply to certain industries.