What language below is used to view and manipulate data that is stored in a relational database?
C
DQL
SQL
ISL
answer
SQL
question
Which type of attack broadcasts a network request to multiple computers but changes the address from which the request came to the victim's computer?
IP spoofing
denial of service
DNS Poisoning
smurf attack
answer
smurf attack
question
What type of additional attack does ARP spoofing rely on?
DNS Poisoning
replay
MITB
MAC spoofing
answer
MAC spoofing
question
A buffer overflow attack occurs when a process attempts to store data in RAM beyond the boundaries of a fixed-length storage buffer.
True
False
answer
True
question
What type of privileges to access hardware and software resources are granted to users or devices?
access privileges
user rights
access rights
permissions
answer
access rights
question
What attack occurs when a domain pointer that links a domain name to a specific web server is changed by a threat actor?
pointer hack
DNS spoofing
clickjacking
domain hijacking
answer
domain hijacking
question
When an attack is designed to prevent authorized users from accessing a system, it is called what kind of attack?
MITM
spoofing
denial of service
blocking
answer
denial of service
question
In an integer overflow attack, an attacker changes the value of a variable to something outside the range that the programmer had intended by using an integer overflow.
True
False
answer
True
question
What type of web server application attacks introduce new input to exploit a vulnerability?
language attacks
cross-site request attacks
hijacking attacks
injection attacks
answer
injection attacks
question
What protocol can be used by a host on a network to find the MAC address of another device based on an IP address?
DNS
ARP
TCP
UDP
answer
ARP
question
When an attacker promotes themselves as reputable third-party advertisers to distribute their malware through the Web ads, what type attack is being performed?
ad squatting
clickjacking
malvertising
ad spoofing
answer
malvertising
question
What technology expands the normal capabilities of a web browser for a specific webpage?
extensions
add-ons
plug-ins
Java applets
answer
extensions
question
What type of attack is being performed when multiple computers overwhelm a system with fake requests?
DDoS
DoS
SYN flood
replay attacks
answer
DDoS
question
The exchange of information among DNS servers regarding configured zones is known as:
resource request
zone sharing
zone transfer
zone removal
answer
zone transfer
question
Which SQL statement represents a SQL injection attempt to determine the names of different fields in a database?
whatever AND email IS NULL; --
whatever; AND email IS NULL; --
whatever" AND email IS NULL; --
whatever' AND email IS NULL; --
answer
whatever' AND email IS NULL; --
question
When TCP/IP was developed, the host table concept was expanded into a hierarchical name system for matching computer names and numbers using this service:
HTTP
NSDB
URNS
DNS
answer
DNS
question
Which SQL injection statement example below could be used to discover the name of the table?
whatever%20 AND 1=(SELECT COUNT(*) FROM tabname); --
whatever' AND 1=(SELECT COUNT(*) FROM tabname); --
whatever; AND 1=(SELECT COUNT(*) FROM tabname); --
whatever%; AND 1=(SELECT COUNT(*) FROM tabname); --
answer
whatever' AND 1=(SELECT COUNT(*) FROM tabname); --
question
What criteria must be met for an XXS attack to occur on a specific website?
The website must accept user input while validating it and use that input in a response.
The website must accept user input without validating it and use that input in a response.
The website must not accept user input without validating it and use that input in a response.
The website must accept user input while validating it and omit that input in a response.
answer
The website must accept user input without validating it and use that input in a response.
question
Choose the SQL injection statement example below that could be used to find specific users:
whatever' OR full_name = '%Mia%'
whatever' OR full_name IS '%Mia%'
whatever' OR full_name LIKE '%Mia%'
whatever' OR full_name equals '%Mia%'
answer
whatever' OR full_name LIKE '%Mia%'
question
What specific ways can a session token be transmitted? (Choose all that apply.)
In the URL.
In the trailer of a frame.
In the header of a packet.
In the header of the HTTP requisition.
answer
In the URL, in the header of the HTTP requisition
Haven't found what you need?
Search for quizzes and test answers now
Quizzes.studymoose.com uses cookies. By continuing you agree to our cookie policy