Question 1

Because the XSS is a widely known attack, the number of Web sites that are vulnerable is very small.

Accepted Answer

A) True 
 B)False

Question 2

An attack in which the attacker attempts to impersonate the user by using his or her session token is known as:

Accepted Answer

A) Session replay 
B) Session spoofing 
C) Session hijacking 
D) Session blocking 
A) Session replay 
B) Session spoofing 
C) Session hijacking 
D) Session blocking

Question 3

Which type of attack below is similar to a passive man-in-the-middle attack?

Accepted Answer

A) replay 
B) hijacking 
C) denial 
D) buffer overflow 
A) replay 
B) hijacking 
C) denial 
D) buffer overflow

Question 4

What language below is used to view and manipulate data that is stored in a relational database?

Accepted Answer

A) C 
B) DQL 
C) SQL 
D) ISL 
A) C 
B) DQL 
C) SQL 
D) ISL

Question 5

Which SQL injection statement example below could be used to discover the name of the table?

Accepted Answer

A) whatever%20 AND 1=(SELECT COUNT(*) FROM tabname); -- 
B) whatever' AND 1=(SELECT COUNT(*) FROM tabname); -- 
C) whatever; AND 1=(SELECT COUNT(*) FROM tabname); -- 
D) whatever%; AND 1=(SELECT COUNT(*) FROM tabname); -- 
A) whatever%20 AND 1=(SELECT COUNT(*) FROM tabname); -- 
B) whatever' AND 1=(SELECT COUNT(*) FROM tabname); -- 
C) whatever; AND 1=(SELECT COUNT(*) FROM tabname); -- 
D) whatever%; AND 1=(SELECT COUNT(*) FROM tabname); --

Question 6

Which SQL statement represents a SQL injection attempt to determine the names of different fields in a database?

Accepted Answer

A) whatever AND email IS NULL; -- 
B) whatever; AND email IS NULL; -- 
C) whatever" AND email IS NULL; -- 
D) whatever' AND email IS NULL; -- 
A) whatever AND email IS NULL; -- 
B) whatever; AND email IS NULL; -- 
C) whatever" AND email IS NULL; -- 
D) whatever' AND email IS NULL; --

Question 7

The exchange of information among DNS servers regarding configured zones is known as:

Accepted Answer

A) resource request 
B) zone disarticulation 
C) zone transfer 
D) zone removal 
A) resource request 
B) zone disarticulation 
C) zone transfer 
D) zone removal

Question 8

The default root directory of the Microsoft Internet Information Services (IIS) Web server is located at which directory below?

Accepted Answer

A) /var/www 
B) C:\Inetpub\ wwwroot 
C) /var/html 
D) C:\wwwroot 
A) /var/www 
B) C:\Inetpub\ wwwroot 
C) /var/html 
D) C:\wwwroot

Question 9

The predecessor to today's Internet was a network known as ____________________.

Accepted Answer

The answer of The predecessor to today's Internet was a...

Question 10

What is a cookie, and how is it used?​

Accepted Answer

A cookie is used to track user specific

Because the XSS is a widely known attack, the number of Web sites that are vulnerable is very small.

An attack in which the attacker attempts to impersonate the user by using his or her session token is known as:

Which type of attack below is similar to a passive man-in-the-middle attack?

What language below is used to view and manipulate data that is stored in a relational database?

Which SQL injection statement example below could be used to discover the name of the table?

Which SQL statement represents a SQL injection attempt to determine the names of different fields in a database?

The exchange of information among DNS servers regarding configured zones is known as:

The default root directory of the Microsoft Internet Information Services (IIS) Web server is located at which directory below?

The predecessor to today's Internet was a network known as ____________________.

What is a cookie, and how is it used?

Introduction to Security

Malware and Social Engineering Attacks

Host, Application, and Data Security

Basic Cryptography

Advanced Cryptography

Network Security

Administering a Secure Network

Wireless Network Security

Mobile Device Security

Access Control Fundamentals

Authentication and Account Management

Business Continuity

Risk Mitigation

Vulnerability Assessment and Third Party Integration

Filters

Exam 3: Application and Networking-Based Attacks

Because the XSS is a widely known attack, the number of Web sites that are vulnerable is very small.

An attack in which the attacker attempts to impersonate the user by using his or her session token is known as:

Which type of attack below is similar to a passive man-in-the-middle attack?

What language below is used to view and manipulate data that is stored in a relational database?

Which SQL injection statement example below could be used to discover the name of the table?

Which SQL statement represents a SQL injection attempt to determine the names of different fields in a database?

The exchange of information among DNS servers regarding configured zones is known as:

The default root directory of the Microsoft Internet Information Services (IIS) Web server is located at which directory below?

The predecessor to today's Internet was a network known as ____________________.

What is a cookie, and how is it used?​

Introduction to Security

Malware and Social Engineering Attacks

Host, Application, and Data Security

Basic Cryptography

Advanced Cryptography

Network Security

Administering a Secure Network

Wireless Network Security

Mobile Device Security

Access Control Fundamentals

Authentication and Account Management

Business Continuity

Risk Mitigation

Vulnerability Assessment and Third Party Integration

Filters

What is a cookie, and how is it used?