Questão 1
Questão
Define foot printing
Responda
-
Find out more about structure of target
-
Find out individual computers of target
-
Involves relatively high amount of manual work
-
Check if target candidates are actual alive and reachable
Questão 2
Questão
Into which classes are instructions grouped
Responda
-
Load/Store
-
Loops
-
Continuation
-
Comparison
-
Arithmetic
Questão 3
Questão
Define a verification in reconnaissance
Responda
-
Find out more about structure of target
-
Find out individual computers of target
-
Involves relatively high amount of manual work
-
Check if target candidates are actual alive and reachable
Questão 4
Questão
Define a command injection
Responda
-
An injection attack wherein an attacker can execute malicious SQL statements
-
A type of computer security vulnerability typically found in web application
-
An attack in which the goals is execution of arbitrary commands on the host operating system via a vulnerable application
Questão 5
Responda
-
Open Web Application Security Program
-
Open Wide Application Security Program
-
Open Wide Application Security Project
-
Open Web Application Security Project
Questão 6
Questão
When command injection is possible
Responda
-
User input is either incorrectly filtered for string literal for escape characters embedded in SQL statement or user input is not strongly typed and unexpected executed
-
An application passes unsafe user supplied data (forms, cookies, HTTP headers and etc.) to a system shell
-
Relies on Social Engineering in order to trick the victim into executing malicious JavaScript code into their browser
Questão 7
Questão
How does an interpreter work?
Responda
-
Translate source code into some efficient intermediate representation and immediate executes this
-
Describes sequences of executable instructions that do not necessarily constitute an executable file
-
Transforms source code written in a programming language into another computer language
-
Parse the source code and perfom its behavior directly
Questão 8
Questão
Find an appropriate types of interpreters
Questão 9
Questão
What does register “rip” store?
Responda
-
Condition flags
-
Program counter
-
Frame pointer
-
Stack pointer
Questão 10
Questão
Which of the following GDB commands puts breakpoints at the beginning of the program?
Responda
-
b N
-
b +N
-
b main
-
into break
Questão 11
Questão
Which of the following GDB commands puts breakpoint N lines down from the current line ?
Questão 12
Responda
-
Preservers a symbol table entity
-
The process of recovering assembly from machine code
-
The process of deallocating arguments on the stack
-
All of the above
Questão 13
Responda
-
all of the above
-
procedure invoked by another function
-
code that invokes a procedure
-
deallocates arguments on stack after return
Questão 14
Responda
-
registers that must not be clobbered
-
procedure invoked by another function
-
code that invokes a procedure
-
none of the above
Questão 15
Questão
Give the description of Mem(rsp)?Succ(rip)
Responda
-
store successor
-
pop successor into rip
-
jump to address
-
jump to successor
Questão 16
Questão
Distinction between jumps and calls
Responda
-
there is no destinction between jumps and calls
-
jumps simply transfer control with no side effects, calls used to implement procedures
-
jumps used to implement procedures, calls simply transfer control with side effects
-
jumps simply transfer control with side effects, calls used to implement transfers
Questão 17
Questão
Distinction between direct and indirect transfers
Responda
-
direct transfers use relative offsets, indirect transfers are absolute
-
direct transfers are absolute, indirect transfers use relative offsets
-
direct transfers use fixed offsets, indirect transfers are not absolute
-
direct transfers are not absolute, indirect transfers use fixed offsets
Questão 18
Questão
Standards (calling conventions) exist for:
Responda
-
none of the above
-
specify the caller and callee’s responsibilities
-
all of the above
-
specify where arguments are passed (registers, stack)
Questão 19
Questão
Select all possible ways to protect the stack
Responda
-
stack canaries
-
memory safe languages, such as Java, C#
-
using strcpy instead of stcncpy
-
address space layout randomization
-
non-executable flag
Questão 20
Questão
What are requirements of stack canaries (i.e. cookies)?
Responda
-
Large domain
-
Small domain
-
Randomness
-
Replicativeness
Questão 21
Questão
Which one of the following is true abot UID key?
Responda
-
Derived from user passcode
-
Prevents offline attacks
-
Can only be used while the phone is running
-
Ensures passcode key is unique for different devices even if passcode is the same
Questão 22
Questão
What of the following is false for provisioning?
Responda
-
Device allows apps signed by owner’s key to run according to the installed profile
-
Apple signs a provisioning profile that references developer certs
-
Users install provisioning profile
-
Apple signs certificates provided by developers
Questão 23
Questão
Which of the following refers to Android components?
Responda
-
ContentProvider
-
Activity
-
Service
-
BroadcastReceiver
Questão 24
Questão
How many Android malware categories are represented?
Questão 25
Questão
Which of the following is right about mobile devices challenges?
Responda
-
Limited user input capabilities
-
Mobile devices are at lower risk of confidentiality breachesv
-
Difficult to perform pre-boot authentication
-
Difficult to lose or steal a phone than a desktop
Questão 26
Responda
-
Password-Based Key Demonstration Function
-
Password-Based Key Derivation Function
-
Password-Based Key Derivation Formula
-
Password-Based Key DemonstrationFunction (реально там так)
Questão 27
Questão
What are the challenges that mobile devices present?
Responda
-
Unlimited user input capabilities
-
Difficult to perform pre-boot authentication
-
Uses touch-screen instead of keyboards
Questão 28
Questão
Select all of iOS Data Protection classes
Responda
-
File is protected, only accessible when device unlocked
-
File is not protected
-
File is protected, accessible after device unlocked
-
File is protected until user passcode entered
Questão 29
Questão
Select all libc’s unsafe function that was removed in bionic.
Responda
-
strcpy
-
strncpy
-
gets
-
strcat
Questão 30
Questão
When code signature of capabilities is validated in iOS?
Responda
-
during kill
-
during installation
-
during start up
-
at run time
Questão 31
Questão
Why do we carry about Web Applications Security? Choose all that apply.
Questão 32
Questão
OWASP is community dedicated to enabling organizations to maintain applications that can be trusted and stands for:
Responda
-
Open Web Application Security Project
-
Online Web Application Security Project
-
Online Web Application Security Principles
-
Open Web Application Security Principles
-
Open Web Application Standards Project
Questão 33
Questão
Application authentication functions are often not implemented correctly, allowing attackers to compromise passwords, keys, or session tokens, or to exploit other implementation flaws to assume other users’ identities.
Responda
-
Injection
-
Cross-Site Request Forgery (CSRF)
-
Using Components with Known Vulnerabilities
-
Cross-Site Scripting (XSS)
-
Broken Authentication and Session Management
Questão 34
Questão
This attack occurs when a developer exposes a reference to an internal implementation object, such as a file, directory, or database key.
Responda
-
Sensitive Data Exposure
-
Insecure Direct Object References
-
Unvalidated Redirects and Forwards
-
Injection
-
Missing Function Level Access Control
Questão 35
Questão
If a vulnerable library, framework, or any other software is exploited, such an attack can facilitate serious data loss or server takeover.
Responda
-
Sensitive Data Exposure
-
Using Components with known vulnerabilities
-
Unvalidated Redirects and Forwards
-
Missing Function Level Access Control
-
Insecure Direct Object References
Questão 36
Questão
Assume that your Web application stores information about many bank accounts. Which threat is your application vulnerable to if you can manipulate the URL of an account page to access all accounts?
Responda
-
Insecure Direct Object Reference
-
Cross-site scripting
-
Cross-Site Request Forgery
-
Injection
-
Unvalidated Redirects and Forwards
Questão 37
Questão
Which of the following input sources can be directly controlled by a malicious user?
Questão 38
Questão
What should you do before passing credentials over the network?
Responda
-
Use Secure Socket Layer Connection
-
Replace the credentials with a cryptographic salt and hash
-
Share the credentials with the client
-
Accept session IDs from URLs
-
Use persistent cookies to manage session IDs
Questão 39
Questão
What is an interpreter?
Responda
-
a computer program that compiles executions, instructions
-
a computer program that directly executes, i.e. performs, instructions written in a human language, without previously compiling them into a machine language program
-
a computer program that directly executes, performs, instructions written in a programming or scripting language, without previously compiling them into a machine language program
-
a computer program that directly executes, performs, instructions written in a programming or scripting language after compiling them into a machine language program
Questão 40
Questão
Reconnaissance methods are
Responda
-
Intelligence gathering
-
Finger printing
-
Verification
-
Banner grabbing
Questão 41
Questão
Which phase of reconnaissance is important so that if you make mistake in this phase you may never find vulnerable part of system
Responda
-
Intelligence Gathering
-
Fingerprinting
-
Banner grabbing
-
Verification
-
Footprinting
Questão 42
Questão
It is known that core principle of port scanning is : send packet and then check the response During SYN scan what response implies that port is open
Questão 43
Questão
Many eCommerce businesses utilize third party payment provides to store credit card information for recurring billing. This offloads the burden of keeping credit card numbers safe. It correspond to the following rule:
Responda
-
Use strong approved Authenticated Encryption
-
Only store sensitive data that you need
-
Follow applicable regulation on use of cryptography
-
Ensure that any secret key is protected from unauthorized access
Questão 44
Questão
How to prevent “Sensitive Data Exposure”
Responda
-
Enable caching for pages that contain sensitive data
-
Restrict character set used for password
-
Enable autocomplete on forms collecting sensitive data
-
Don’t store sensitive data unnecessarily
Questão 45
Questão
Storage encryption should add additional layer of protection that will continue protecting the data even if an attacker subverts the database access control layer . It corresponds to the following rule
Responda
-
Ensure that any secret key is protected from unauthorized access
-
Follow applicable regulation on use of cryptography
-
Ensure that the cryptographic protection remains secaure even if access control fail
-
Use strong approved Authenticated Encryption
Questão 46
Questão
What is defined by key lifecycle?
Responda
-
The lifecycle will specify when data must be rekeyed
-
The lifecycle will specify when a key should no longer be use for decryption
-
The lifecycle will specify when a key should no longer be use for encryption
-
All of them
Questão 47
Questão
A site simply doesn’t use SSL for all authenticated pages. Attacker simply monitor network traffic (like an open wireless network) and steals the user’s session cookie. Attacker then replays this cookie and hijacks the user’s session, accessing the user private data. This scenario of attack belongs to
Questão 48
Questão
The password database uses unsalted hashes to store everyone’s password. A file upload flaw allows an attacker to retrieve the password file. All of the unsalted hashes can be exposed with a rainbow table of precalculated hashes. This scenario of attack belongs to
Questão 49
Questão
Web application is vulnerable to ‘Sensetive Data Exposure ’ if:
Responda
-
Proper key management or rotation missing
-
All of them
-
Browser security directives or headers missing when sensitive data is provided by /sent to the browser
-
Sensitive data transmitted in clear text, internally or externally
Questão 50
Questão
Which statements are the part of DML in SQL?
Responda
-
DELETE
-
INSERT
-
SELECT
-
CREATE
-
DROPE
Questão 51
Questão
what are the most popular things to attacker can do stack vulnerability ?
Responda
-
Change the control flow of the program
-
Report the bag to a developer of the program
-
Overflows the stack to throw segmentation fault
-
Rewrite the program variable values
-
Inject a new functionality to the program
Questão 52
Questão
Low level languages like C/C++ are no memory-safe .Which of the following statements is true: Programmers can directly manipulate pointers Memory accesses are not bounds-checked for validity
Responda
-
none of them
-
both of them
-
only 2
-
only 1
Questão 53
Questão
What are the potential targets of stack overwrite attack?
User data
Instruction pointers
Frame pointers
Responda
-
all of them
-
only 1 and 3
-
only 1 and 2
Questão 54
Questão
What are requirements for running payload in the stack ?
Payload should not contain ZEROS
Stack should be non – executable
Playload size should be smaller than buffer size
Questão 55
Questão
What are the potential targets of stack overwrite attack ?
Responda
-
User data
-
Instration pointer
-
Procedure arguments
-
Frame pointers
Questão 56
Questão
What are requirements for running payload in the stack ?
Responda
-
Payload size should be smaller than buffer size
-
Stack should be non-executable
-
Payload should use libc library
-
Payload should not contain ZEROS
Questão 57
Questão
Which of the following does not refer to the OWASP?
Responda
-
Unvalidated Redirects and Forwards
-
Sensitive Data Exposure
-
Cross – Site Request Forgery
-
Using Unknown Vulnerable Components
Questão 58
Questão
Which of the following provides API for accessing browser state and frame content?
Questão 59
Questão
What are the ways insert JavaScript code into HTML page? Select all that apply
Questão 60
Questão
What kind of protection mechanisms exist against XSS attack?
Questão 61
Questão
When and by whom proposed stack cookies?
Responda
-
Cowan, 1996
-
Cowan, 1998
-
Vaughan, 1998
Questão 62
Questão
Which of the following refers to defenses for memory corruption
Responda
-
Stack canaries
-
Safer libc functions
-
Random canaries
-
Heap canaries
Questão 63
Questão
Which of the following properties are required in stack cookies?
Responda
-
Random
-
Large domain
-
Sequence
-
Small domain
Questão 64
Questão
If attackers cannot inject an executable exploit payload, what does one do?
Questão 65
Questão
What is the purpose of using ASLR?
Responda
-
Recognize the names of the addresses
-
Recognize the locations of the addresses
-
Randomize the locations of the addresses
-
Randomize the names of the addresses
Questão 66
Responda
-
Address security layout randomization
-
Address space layout randomization
-
Application space layer randomization
-
Application space layout randomization
Questão 67
Questão
Which of the following is true about ASLR?
Responda
-
Transparent to safe applications
-
Very little overhead
-
Requires program recompilation
-
Randomizing at process creatin
Questão 68
Questão
Which of the following idea about stack cookies proposed by Cowan?
Responda
-
Before returning, check the value against the original
-
Guard sensitive data, including the saved IP, with a copy of a secret value
-
If there is a difference, assume something bad has happened and terminate
-
If there is a difference, assume something good has happened and terminate
Questão 69
Questão
Which of the following does not refer to the cryptographic storage rules?
Responda
-
Store a one-way and salted value of passwords
-
Save all your data
-
Use strong approved Authenticated Encryption
-
Ensure that any secret key is protected from unauthorized access
Questão 70
Questão
How many types of XSS exist?
Questão 71
Questão
Which of the following type does not refer to XSS?
Responda
-
Reflected
-
Stored
-
MOM based
-
DOM based
Questão 72
Questão
Define reflected XSS
Responda
-
Attacker submits malicious code to server
-
Code included in page rendered by visiting link
-
Victim accesses page that includes stored, injected code
-
App (server-side) persists code
Questão 73
Questão
Which of the following is false about stored XSS?
Responda
-
Attacker submits malicious code to server
-
Code included in page rendered by visiting link
-
Victim accesses page that includes stored, injected code
-
App (server-side) persists code
Questão 74
Questão
Which of the following does not refer to protection against XSS attacks?
Responda
-
Procedure integrity
-
Output Sanitization
-
XSS Filter
-
HTTP Only
Questão 75
Questão
How many classes exist in document integrity
Questão 76
Questão
A direct object reference occurs when a developer exposes a reference to
Questão 77
Questão
Even “secure” websites that use SSL just accept the requests that arrive through the encrypted tunnel without security
Questão 78
Questão
If the parameters are under control of the user and are not properly sanitized, the user can inject its own commands in the interpreter
Questão 79
Questão
Injection flaws occur when an application send trusted data to an interpreter
Questão 80
Questão
A direct object reference occurs when a developer exposes a reference to an internal implementation object, such as a file, directory, or database key
Questão 81
Questão
Injection flaws occur when an application send untrusted data to an interpreter
Questão 82
Questão
Injection flaws occur when an application send untrusted data to an compiler
Questão 83
Questão
Is the following statement true about Insecure Direct Object Reference “With an access control check or other protection, attackers can manipulate these references to access unauthorized data.”
Questão 84
Questão
Is the given statement true about Missing Function Level Access Control “Applications need to perform the same access control checks on the server when each function is accessed”
Questão 85
Questão
Stack grows downwards. Stack is data segment for function-local data, dynamic data and text data.
Questão 86
Questão
Memory can distinguish between different types of variable by using flags
Questão 87
Questão
Compilers translate code from a higher level to a lower level
Questão 88
Questão
Control transfers change control flow of programs
Questão 89
Questão
Marking the stack with non-executable flag prevents from all types of stack attack
Questão 90
Questão
Protecting stack with canary may leak sensitive information
Questão 91
Questão
Mobile devices are at a lower risk of confidentiality breaches
Questão 92
Questão
Mobile devices present unique challenges
Questão 93
Questão
iOS provides an API for encrypting stored files
Questão 94
Questão
Device ID (UID) in iphone can be used when phone is turned off.
Questão 95
Questão
Brute Force mitigations that are implemented on UI can not be escaped
Questão 96
Questão
It is possible to dynamically sign the code in IOS
Questão 97
Questão
When implementing an authentication or session system, you should ensure that new session IDs are not created at login
Questão 98
Questão
It is possible to run operating system shell command inside web site
Questão 99
Questão
Recursive sweep begins at an address and continues sequentially until the buffer exhausted
Questão 100
Questão
Developers can protect the web application by filtering out malicious input
Questão 101
Questão
Verification phase during reconnaissance involve high amount of manual work
Questão 102
Questão
Zone transfer is about copying original DNS data to different DNS Server
Questão 103
Questão
strcpy() performs no bounds-checking, relying instead on finding a terminating null character in the source string
Questão 104
Questão
If the keys are stored with the data then any compromise of the data will easily compromise the keys as well. Unencrypted keys should never reside on the same machine or cluster as the data.
Questão 105
Questão
SQL DML is used to manipulate with records in tables
Questão 106
Questão
It is possible to protect web application from SQL injection by filtering out single and double quotes
Questão 107
Questão
It is not possible to inject complex SQL statements as a part of an attack, except SELECT statements
Questão 108
Questão
NOP sled is special instruction which tells the OS that the program has payload, and it should directly run it.
Questão 109
Questão
It is not possible to inject new code to the stack
Questão 110
Questão
JavaScript use strongly type primitives to provide basic functionality
Questão 111
Questão
Cross Site Scripting attack is the result of running code from untrusted origin
Questão 112
Questão
Is the given statement true about non – executable data? If the attacker can assume control flow but cannot execute a payload, attacks become more difficult
Questão 113
Questão
Is the following statement true about Instruction Set Randomization? Does not require a large degree of support from underlying layers
Questão 114
Questão
Is the given statement true about XSS “running code from a trusted origin”
Questão 115
Questão
In reflected XSS the code is included as a part of malicious link
Questão 116
Questão
Is the given statement true about HTTPOnly attribute “Specifies that cookie should be exposed via document cookie”?
Questão 117
Questão
Command injection is an attack in which the goal is execution of arbitrary commands on the host operating system via a vulnerable application
Questão 118
Questão
Intelligence Gathering involves relatively high amount of manual work
Questão 119
Questão
1Which functions are mostly vulnerable to stack overflow attacks
Responda
-
Strcat()
-
Strcpy()
-
Gets()
-
Scanf()
Questão 120
Questão
What will be result, if we ‘print “a”x300;’ for the given code?
int main(int argc, char ** argv){
char buf[256];
strcpy(buf,argv[1]);
printf(“%s\n”, buf);
return 0;}
Responda
-
Error
-
0
-
Ax300 times
-
Ax256 times, 0x44 times
Questão 121
Questão
The consequences of arbitrary code execution
Questão 122
Responda
-
a. A situation where a running program attempts to write data outside the memory buffer which is not intended to store this data
-
b. A buffer is simply a contiguous block of computer memory that holds multiple instances of the same data type
-
c. Portion of the memory allocated for storage programs such as variables
-
d. The program that wants to overwrite the memory
Questão 123
Questão
Why does stack overflow attack occur?
Responda
-
a. Programmers can directly manipulate pointers
-
b. Memory accesses are checked
-
c. Memory accesses are not bounds-checked for validity
-
d. Programmers cannot directly manipulate pointers
Questão 124
Questão
When the stack overflow attack is introduced?
Questão 125
Questão
Which is not going to be randomized in ASLR
Responda
-
a. Library
-
b. Text
-
c. Heap
-
d. Stack
Questão 126
Questão
18. Which is going to be randomized in ASLR?
Responda
-
a. Library
-
d. Stack
-
b. Text
-
c. Heap
Questão 127
Questão
Why the stack canary is the effective of protecting from overflow attack?
Responda
-
a. Canary stack has to check variables
-
b. Stack canary might be reused
-
c. Stack canary is the constant value
-
d. Canary stack corrupts the executed code, then instruction will have an ability to set to the next
Questão 128
Questão
How many types of attack exist?
Questão 129
Questão
Define an active attack?
Responda
-
a. The attacker can monitor and can do recognition of the target
-
b. The Attacker attempts to alter system resources or destroy the data
-
c. The Attacker attempts to gain information from the system without destroying the information
-
d. The Attacker can change the data
Questão 130
Questão
Define a passive attack
Responda
-
a. The Attacker attempts to gain information from the system without destroying the information
-
b. The Attacker can change the data
-
d. The Attacker attempts to alter system resources or destroy the data
-
c. The attacker can monitor and can do recognition of the target
Questão 131
Questão
Which of the following attacks refer to the active attack?
Questão 132
Questão
Which of the following attacks refer to the passive attack?
Responda
-
a. Idle attack
-
b. Dos
-
Overflow
-
c. Port scanner
Questão 133
Questão
What kind of attack is given? You would like to send some requests to kaspi.kz, here an attacker forwards your request to fake kaspi.kz
Responda
-
a. Dos
-
b. Eavesdropping
-
Overflow
-
c. Address spoofing
Questão 134
Questão
What does an ARP Based filtering mean
Responda
-
a. Sniffing packets between two hosts on a switched network
-
b. Filtered packets by IP address
-
c. Sniffing packets from a user to all hosts
-
d. Filtered packets by MAC address
Questão 135
Questão
What does Public ARP Based filtering mean?
Responda
-
a. Sniffing packets from a user to all hosts
-
b. Sniffing packets between two hosts on a switched network
-
c. Filtered packets by IP address
-
d. Filtered packets by MAC address
Questão 136
Questão
Which of the following attacks refer to the passive attack?*
Responda
-
a. Dos
-
Overflow
-
Port Scanner
-
No answer
Questão 137
Questão
What are the most popular things attacker can do after exploiting stack vulnerability
Responda
-
a. Change the control flow of the program
-
c. Report the bug to a developer of the program
-
d. Overflows the stack to throw segmentation fault
Questão 138
Questão
Which of the following properties are requires in stack cookies?
Responda
-
a. No correct answer
-
b. Small domain
-
c. Sequence
-
d. Random
Questão 139
Questão
Which of the following is false about ASLR?
Responda
-
a. Requires program recompilation
-
b. Transparent to safe applications
-
c. Randomizing at process creation
-
d. Very little overhead
Questão 140
Questão
Which of the following does not refer to the consequences of arbitrary code execution
Questão 141
Questão
What are the most popular things attacker can do after exploiting stack vulnerability?
Responda
-
a. Inject a new functionality to the program
-
b. Overflows the stack to throw segmentation fault
-
c. No correct answer
-
d. Report the bug to a developer of the program
Questão 142
Questão
What are the most popular things attacker can do after exploiting stack vulnerability?
Responda
-
a. Inject a new functionality to the program
-
b. Overflows the stack to throw segmentation fault
-
c. No correct answer
-
d. Report the bug to a developer of the program
-
e. Rewrite the program variable values
Questão 143
Questão
Which of the following is not a way to protect the stack
Responda
-
a. Address Space Layout Randomization
-
b. Memory safe languages, such as Java, C
-
c. Using strcpy instead of strncpy
-
d. Non-executable Flag
Questão 144
Questão
Which of the following idea is false about stack cookies proposed by Cowan?
Responda
-
a. Before returning, check the value against the original
-
b. If there is a difference, assume something bad has happened and terminate
-
c. Guard sensitive data, including the saved IP, with copy of a secret value
-
d. If there is a difference, assume something good has happened and terminate
Questão 145
Responda
-
a. All the above
-
b. Preserves a symbol table entry
-
d. The process of deallocating arguments on the stack none of the above
-
c. The process of recovering assembly from machine code
Questão 146
Questão
Define the given attack type
Username = Emmanuel
Passwords = 1234567, qwertz, asdfgh, abcd, ....
[pet names], [birthdays], [car names], [dictionary]...
Questão 147
Questão
What is Normal Brute Force attack?
Responda
-
c. For one username attackers test one password
-
d. For one password attackers test many user names
-
e. For one username attackers test many passwords
-
f. All the above mentioned
Questão 148
Questão
Define Reverse Brute Force
Responda
-
a. For one password attackers test many user names
-
b. All the above mentioned
-
c. For one username attackers test many passwords
-
d. For one username attackers test one password
Questão 149
Questão
Check OWASP vulnerabilities
Responda
-
a. Using Know Vulnerable Components
-
b. Missing Function Level Access Control
-
c. Security Misconfigurations
-
d. Password Management
Questão 150
Questão
OWASP is an open community dedicated to enabling organizations to develop, purchase, and maintain applications that can be trusted
Questão 151
Questão
Which of the following is true about the risks of Broken Authentication and Session Management?
Questão 152
Questão
Which of the following is true about footprinting?
Responda
-
a. Less technical information, but important
-
b. Involves relatively high amount of manual work
-
c. Get as many plausible candidates as possible
-
d. NS (name server) / MX (mail exchange) records
Questão 153
Questão
Reconnaissance may start with just one piece of information
Questão 154
Questão
Which of the following approaches refer to Verification?
Questão 155
Questão
Attacker creates a session on a web site -> Attacker sends this Session ID to the victim -> Targeted Web site receives the request from the victim
Questão 156
Questão
Guessing a person username and password, credit-card number, cryptographic key refers to
Questão 157
Questão
1. What is verification phase in reconnaissance?
Responda
-
a. Check if the target candidates are actually alive and reachable
-
b. Find out more about structure of target
-
c. All the above mentioned
-
d. Find out individual computers of target
Questão 158
Questão
Which of the following is true about intelligence gathering objectives?
Responda
-
a. Checks if results are plausible test them
-
b. Less technical information, but important
-
c. Involves relatively high amount of manual work
-
d. Extends scope of security analysis, may reveal new parts of target
-
e. Gets as many plausible candidates as possible
Questão 159
Questão
Which of the following is the best of protecting from overflow attacks
Questão 160
Questão
What does this case mean? An attacker’s target should be accessible
Responda
-
a. Must be associated to target
-
b. All the above mentioned
-
c. Must be confidential
-
d. Must be able to attack it
Questão 161
Questão
What does this case mean? An attacker’s target should be relevant
Responda
-
a. Must be confidential
-
b. Must be associated to target
-
c. Must be able to attack it
-
d. All the above mentioned
Questão 162
Questão
Why stack overflow attack occurs here?
Responda
-
a. Strcpy() function does not perform a bounds check
-
b. Strcpy library is not included
-
c. Works correctly
-
d. To “source” variable copied more expected
Questão 163
Questão
What does it mean?
Responda
-
a. Buffer allocation
-
b. Return the value
-
c. Saves to rbx
-
d. Call the function
Questão 164
Questão
Which of the following vulnerabilities are NOT listed in OWASP Top 10? Choose all that apply.
Responda
-
Social Engineering
-
Cross-site scripting
-
Unvalidating Redirects and Forwards
-
Security Misconfiguration
-
Unvalidating password difficulty
Questão 165
Questão
What flaws arises from session tokens having poor randomness across a range of values?
Questão 166
Questão
Find the best countermeasures to solve an Insecure Direct Object Reference attack. Choose all that apply.
Responda
-
Properly validate cookie data, URL parameters, all HTML From data
-
Use reasonable session timeouts
-
Use secure randomly generated session keys to make prediction impossible
-
Architect your application to check if the data is encrypted with every request
-
Do not expose internals to the user
Questão 167
Questão
Define intelligent gathering
Responda
-
Find out more about structure of target
-
Find out individual computers of target
-
Involves relatively high amount of manual work
-
Check if target candidates are actual alive and reachable
Questão 168
Questão
Injection flaws occur when an application send trusted data to an compiler