Cts1120 Chapter 5 Quiz/review

What language below is used to view and manipulate data that is stored in a relational database? C DQL SQL ISL

Which type of attack broadcasts a network request to multiple computers but changes the address from which the request came to the victim's computer? IP spoofing denial of service DNS Poisoning smurf attack

What type of additional attack does ARP spoofing rely on? DNS Poisoning replay MITB MAC spoofing

A buffer overflow attack occurs when a process attempts to store data in RAM beyond the boundaries of a fixed-length storage buffer. True False

What type of privileges to access hardware and software resources are granted to users or devices? access privileges user rights access rights permissions

What attack occurs when a domain pointer that links a domain name to a specific web server is changed by a threat actor? pointer hack DNS spoofing clickjacking domain hijacking

When an attack is designed to prevent authorized users from accessing a system, it is called what kind of attack? MITM spoofing denial of service blocking

In an integer overflow attack, an attacker changes the value of a variable to something outside the range that the programmer had intended by using an integer overflow. True False

What type of web server application attacks introduce new input to exploit a vulnerability? language attacks cross-site request attacks hijacking attacks injection attacks

What protocol can be used by a host on a network to find the MAC address of another device based on an IP address? DNS ARP TCP UDP

When an attacker promotes themselves as reputable third-party advertisers to distribute their malware through the Web ads, what type attack is being performed? ad squatting clickjacking malvertising ad spoofing

What technology expands the normal capabilities of a web browser for a specific webpage? extensions add-ons plug-ins Java applets

What type of attack is being performed when multiple computers overwhelm a system with fake requests? DDoS DoS SYN flood replay attacks

The exchange of information among DNS servers regarding configured zones is known as: resource request zone sharing zone transfer zone removal

Which SQL statement represents a SQL injection attempt to determine the names of different fields in a database? whatever AND email IS NULL; -- whatever; AND email IS NULL; -- whatever" AND email IS NULL; -- whatever' AND email IS NULL; --

When TCP/IP was developed, the host table concept was expanded into a hierarchical name system for matching computer names and numbers using this service: HTTP NSDB URNS DNS

Which SQL injection statement example below could be used to discover the name of the table? whatever%20 AND 1=(SELECT COUNT(*) FROM tabname); -- whatever' AND 1=(SELECT COUNT(*) FROM tabname); -- whatever; AND 1=(SELECT COUNT(*) FROM tabname); -- whatever%; AND 1=(SELECT COUNT(*) FROM tabname); --

What criteria must be met for an XXS attack to occur on a specific website? The website must accept user input while validating it and use that input in a response. The website must accept user input without validating it and use that input in a response. The website must not accept user input without validating it and use that input in a response. The website must accept user input while validating it and omit that input in a response.

Choose the SQL injection statement example below that could be used to find specific users: whatever' OR full_name = '%Mia%' whatever' OR full_name IS '%Mia%' whatever' OR full_name LIKE '%Mia%' whatever' OR full_name equals '%Mia%'

What specific ways can a session token be transmitted? (Choose all that apply.) In the URL. In the trailer of a frame. In the header of a packet. In the header of the HTTP requisition.