Question 1

Which SQL statement represents a SQL injection attempt to determine the names of different fields in a database?

Accepted Answer

A) whatever AND email IS NULL;-- 
B) whatever;AND email IS NULL;-- 
C) whatever" AND email IS NULL;-- 
D) whatever' AND email IS NULL;-- 
A) whatever AND email IS NULL;-- 
B) whatever;AND email IS NULL;-- 
C) whatever" AND email IS NULL;-- 
D) whatever' AND email IS NULL;--

Question 2

What language below is used to view and manipulate data that is stored in a relational database?

Accepted Answer

A) C 
B) DQL 
C) SQL 
D) ISL 
A) C 
B) DQL 
C) SQL 
D) ISL

Question 3

A buffer overflow attack occurs when a process attempts to store data in RAM beyond the boundaries of a fixed-length storage buffer.

Accepted Answer

A) True 
 B)False

Question 4

What type of an attack is being executed if an attacker substituted an invalid MAC address for the network gateway so no users can access external networks?

Accepted Answer

A) ARP poisoning 
B) man-in-the-middle 
C) denial of service 
D) DNS poisoning 
A) ARP poisoning 
B) man-in-the-middle 
C) denial of service 
D) DNS poisoning

Question 5

What type of additional attack does ARP spoofing rely on?

Accepted Answer

A) DNS Poisoning 
B) replay 
C) MITB 
D) MAC spoofing 
A) DNS Poisoning 
B) replay 
C) MITB 
D) MAC spoofing

Question 6

What is the basis for domain name resolution of names-to-IP addresses?

Accepted Answer

When TCP/IP was developed,the host table

Question 7

What type of attack is being performed when multiple computers overwhelm a system with fake requests?

Accepted Answer

A) DDoS 
B) DoS 
C) SYN flood 
D) replay attacks 
A) DDoS 
B) DoS 
C) SYN flood 
D) replay attacks

Question 8

What type of privileges to access hardware and software resources are granted to users or devices?

Accepted Answer

A) access privileges 
B) user rights 
C) access rights 
D) permissions 
A) access privileges 
B) user rights 
C) access rights 
D) permissions

Question 9

On a compromised computer,you have found that a user without administrative privileges was able to perform a task limited to only administrative accounts.What type of exploit has occurred?

Accepted Answer

A) Privilege escalation 
B) DNS cache poisoning 
C) ARP poisoning 
D) Man-in-the-middle 
A) Privilege escalation 
B) DNS cache poisoning 
C) ARP poisoning 
D) Man-in-the-middle

Question 10

What are some of the typical server attacks used by attackers?

Accepted Answer

Typical server attacks include

Question 11

What protocol can be used by a host on a network to find the MAC address of another device based on an IP address?

Accepted Answer

A) DNS 
B) ARP 
C) TCP 
D) UDP 
A) DNS 
B) ARP 
C) TCP 
D) UDP

Question 12

What type of attack intercepts communication between parties to steal or manipulate the data?

Accepted Answer

A) replay 
B) MAC spoofing 
C) man-in-the-browser 
D) ARP poisoning 
A) replay 
B) MAC spoofing 
C) man-in-the-browser 
D) ARP poisoning

Question 13

What two locations can be a target for DNS poisoning? (Choose all that apply. )

Accepted Answer

A) local host table 
B) external DNS server 
C) local database table 
D) directory server 
A) local host table 
B) external DNS server 
C) local database table 
D) directory server

Question 14

When an attack is designed to prevent authorized users from accessing a system,it is called what kind of attack?

Accepted Answer

A) MITM 
B) spoofing 
C) denial of service 
D) blocking 
A) MITM 
B) spoofing 
C) denial of service 
D) blocking

Question 15

How does a buffer overflow attack occur?

Accepted Answer

A buffer overflow attack occurs when a p

Question 16

Which of the following are considered to be interception attacks? (Choose all that apply. )

Accepted Answer

A) denial of service 
B) amplification attack 
C) man-in-the-middle 
D) replay attacks 
A) denial of service 
B) amplification attack 
C) man-in-the-middle 
D) replay attacks

Question 17

Explain how an attacker can use privilege escalation to gain access to a resources that are restricted?

Accepted Answer

One type of privilege escalation is when

Question 18

Choose the SQL injection statement example below that could be used to find specific users:

Accepted Answer

A) whatever' OR full_name = '%Mia%' 
B) whatever' OR full_name IS '%Mia%' 
C) whatever' OR full_name LIKE '%Mia%' 
D) whatever' OR full_name equals '%Mia%' 
A) whatever' OR full_name = '%Mia%' 
B) whatever' OR full_name IS '%Mia%' 
C) whatever' OR full_name LIKE '%Mia%' 
D) whatever' OR full_name equals '%Mia%'

Question 19

An attack that takes advantage of the procedures for initiating a session is known as what type of attack?

Accepted Answer

A) DNS amplification attack 
B) IP spoofing 
C) smurf attack 
D) SYN flood attack 
A) DNS amplification attack 
B) IP spoofing 
C) smurf attack 
D) SYN flood attack

Question 20

How does a cross-site scripting (XSS)attack work?

Accepted Answer

In a cross-site scripting (XSS)attack,th

Which SQL statement represents a SQL injection attempt to determine the names of different fields in a database?

What language below is used to view and manipulate data that is stored in a relational database?

A buffer overflow attack occurs when a process attempts to store data in RAM beyond the boundaries of a fixed-length storage buffer.

What type of an attack is being executed if an attacker substituted an invalid MAC address for the network gateway so no users can access external networks?

What type of additional attack does ARP spoofing rely on?

What is the basis for domain name resolution of names-to-IP addresses?

What type of attack is being performed when multiple computers overwhelm a system with fake requests?

What type of privileges to access hardware and software resources are granted to users or devices?

On a compromised computer,you have found that a user without administrative privileges was able to perform a task limited to only administrative accounts.What type of exploit has occurred?

What are some of the typical server attacks used by attackers?

What protocol can be used by a host on a network to find the MAC address of another device based on an IP address?

What type of attack intercepts communication between parties to steal or manipulate the data?

What two locations can be a target for DNS poisoning? (Choose all that apply. )

When an attack is designed to prevent authorized users from accessing a system,it is called what kind of attack?

How does a buffer overflow attack occur?

Which of the following are considered to be interception attacks? (Choose all that apply. )

Explain how an attacker can use privilege escalation to gain access to a resources that are restricted?

Choose the SQL injection statement example below that could be used to find specific users:

An attack that takes advantage of the procedures for initiating a session is known as what type of attack?

How does a cross-site scripting (XSS)attack work?

Introduction to Security

Malware and Social Engineering Attacks

Basic Cryptography

Advanced Cryptography and PKI

Network Security Devices, Design, and Technology

Administering a Secure Network

Wireless Network Security

Client and Application Security

Mobile and Embedded Device Security

Authentication and Account Management

Access Management

Vulnerability Assessment and Data Security

Business Continuity

Risk Mitigation

Filters

Exam 5: Networking and Server Attacks

Which SQL statement represents a SQL injection attempt to determine the names of different fields in a database?

What language below is used to view and manipulate data that is stored in a relational database?

A buffer overflow attack occurs when a process attempts to store data in RAM beyond the boundaries of a fixed-length storage buffer.

What type of an attack is being executed if an attacker substituted an invalid MAC address for the network gateway so no users can access external networks?

What type of additional attack does ARP spoofing rely on?

What is the basis for domain name resolution of names-to-IP addresses?

What type of attack is being performed when multiple computers overwhelm a system with fake requests?

What type of privileges to access hardware and software resources are granted to users or devices?

On a compromised computer,you have found that a user without administrative privileges was able to perform a task limited to only administrative accounts.What type of exploit has occurred?

What are some of the typical server attacks used by attackers?

What protocol can be used by a host on a network to find the MAC address of another device based on an IP address?

What type of attack intercepts communication between parties to steal or manipulate the data?

What two locations can be a target for DNS poisoning? (Choose all that apply. )

When an attack is designed to prevent authorized users from accessing a system,it is called what kind of attack?

How does a buffer overflow attack occur?

Which of the following are considered to be interception attacks? (Choose all that apply. )

Explain how an attacker can use privilege escalation to gain access to a resources that are restricted?

Choose the SQL injection statement example below that could be used to find specific users:

An attack that takes advantage of the procedures for initiating a session is known as what type of attack?

How does a cross-site scripting (XSS)attack work?

Introduction to Security

Malware and Social Engineering Attacks

Basic Cryptography

Advanced Cryptography and PKI

Network Security Devices, Design, and Technology

Administering a Secure Network

Wireless Network Security

Client and Application Security

Mobile and Embedded Device Security

Authentication and Account Management

Access Management

Vulnerability Assessment and Data Security

Business Continuity

Risk Mitigation

Filters