Flashcards on Chapter 3 – College Essay

Programs that provide additional functionality to Web browsers.

Part of the TCP/IP protocol for determining the MAC address based on the IP address.

An attack that corrupts the ARP cache.

Files that are coupled to e-mail messages.

An attack that occurs when a process attempts to store data in RAM beyond the boundaries of a fixed-length storage buffer.

An attack that targets vulnerabilities in client applications that interact with a compromised server or processes malicious data.

A file on a local computer in which a server stores user-specific information.

Injecting and executing commands to execute on a server.

An attack that injects scripts into a Web application server to direct attacks at clients.

An attack that attempts to prevent a system from performing its normal functions.

An attack that takes advantage of a vulnerability in the Web application program or the Web server software so that a user can move from the root directory to other restricted directories.

An attack that uses multiple zombie computers (even hundreds or thousands) in a botnet to flood a device with requests.

An attack that substitutes DNS addresses so that the computer is automatically redirected to another device.

A hierarchical name system for matching computer names and numbers.

A cookie that is created from the Web site that currently is being viewed.

A cookie named after the Adobe Flash player. Also known as local shared objects (LSO’s). Flash cookies cannot be deleted through the browser’s normal configuration settings as regular cookies can. Typically, they are saved in multiple locations on the hard drive and can take up as much as 100,000 bytes of storage per cookie (about 25 times the size of a normal cookie). Flash cookies can also be used to reinstate regular cookies that a user has deleted or blocked.

A list of the mappings of names to computer numbers.

Part of HTTP that is composed of fields that contain the different characteristics of the data that is being transmitted.

Modifying HTTP headers to create an attack.

An attack that intercepts legitimate communication and forges a fictitious response to the sender.

A cookie that is recorded on the hard drive of the computer and does not expire when the browser closes.

A utility that sends an ICMP echo request message to a host.

An attack that uses the Internet Control Message Protocol (ICMP) to flood a victim with packets.

An attack that exploits a vulnerability in software to gain access to resources that the user would normally be restricted from obtaining.

An attack that makes a copy of the transmission before sending it to the recipient.

A cookie that is only used when a browser is visiting a server using a secure connection.

A cookie that is stored in Random Access Memory (RAM), instead of on the hard drive, and only lasts for the duration of visiting a Web site.

An attack in which an attacker attempts to impersonate the user by using his session token.

A form of verification used when accessing a secure Web application.

An attack that broadcasts a ping request to all computers on the network yet changes the address from which the request came to that of the target.

Impersonating another computer or device.

An attack that targets SQL servers by injecting commands to be manipulated by the database.

An attack that takes advantage of the procedures for initiating a TCP session.

A cookie that was created by a third party that is different from the primary Web site.

An attack involving using a third party to gain access rights.

A markup language that is designed to carry data instead of indicating how to display it.

An attack that injects XML tags and data into a database.

Attacks that exploit previously unknown vulnerabilities, so victims have not time (zero days) to prepare or defend against the attacks.

A __________ attack exploits previously unknown vulnerabilities.
A. virus resource
B. shock and awe
C. surprise
D. zero day

Why can traditional networking security devices NOT be used to block Web application attacks?
A. Traditional network security devices ignore the content of HTTP traffic, which is the vehicle of Web application attacks
B. Web application attacks use Web browsers that cannot be controlled on a local computer
C. Network security devices cannot prevent attacks from Web resources
D. The complex nature of TCP/IP allows for too many ping sweeps to be blocked.

Attackers use buffer overflows to __________.
A. corrupt the kernel so the computer cannot reboot.
B. point to another area in data memory that contains the attacker’s malware code
C. place a virus into the kernel
D. erase buffer overflow signature files

What is unique about a cross-site scripting (XSS) attack compared to other injection attacks?
A. SQL code is used in an XSS attack
B. XSS requires the use of a browser
C. XSS does not attack the Web application server to steal or corrupt its information
D. XSS attacks are rarely used anymore compared to other injection attacks

Each of the following can be used in an XSS attack except __________.
A. HTML
B. JavaScript
C. Adobe Flash
D. ICMP

A cookie that was not created by the Web site being viewed is called a __________.
A. first-party cookie
B. second-party cookie
C. third-party cookie
C. fourth-party cookie

The basis of a SQL injection attack is __________.
A. to inject SQL statements through unfiltered user input
B. to have the SQL server attack client Web browsers
C. to link SQL servers into a botnet
D. to expose SQL code so that it can be examined.

Which of the following cannot be performed through a successful SQL injection attack?
A. Display a list of customer telephone numbers
B. Discover the names of different fields in a table
C. Erase a database table
D. Reformat the Web application server’s hard drive

A markup language that is designed to carry data is __________.
A. ICMP
B. HTTP
C. HTML
D. XML

When an attacker can access files in directories other than the root directory, this is known as a(n) __________ attack.
A. Command injection
B. Directory traversal
C. SQL injection
D. XML injection

A(n) __________ attack modifies the fields that contain the different characteristics of the data that is being transmitted.
A. HTML packet
B. SQL injection
C. XML manipulation
D. HTTP header

Which of the following cookies only lasts for the duration of visiting the Web site?
A. Session
B. Persistent
C. Temporary
D. RAM

What is a session token?
A. A random string assigned by a Web server
B. The same as third-party cookie
C. A unique identifier that includes the user’s e-mail address
D. XML code used in an XML injection attack

Which of the following is not a security concern of the ActiveX add-on?
A. the person who signed the control may not have properly assessed the control’s safety.
B. A malicious ActiveX control can affect all users of that computer.
C. ActiveX can be integrated with JavaScript
D. ActiveX does not have safeguards and has full access to the Windows operating system

Which of the following is not a DoS attack?
A. Ping flood
B. SYN flood
C. Push flood
D. Smurf

What type of attack intercepts legitimate communication and forges a fictitious response to the sender?
A. Man-in-the-Middle
B. Interceptor
C. SQL intrusion
D. SIDS

A replay attack __________.
A. makes a copy of the transmission for use at a later time
B. replays the attack over and over to flood the server
C. can be prevented by patching the Web server
D. is considered to be a type of DoS attack

___________ is used to discover the MAC address of a client based on its IP address.
A. Ping
B. ICMP
C. DNS
D. ARP

DNS poisoning __________.
A. is rarely found today due to the use of host tables
B. can attack an external DNS server
C. is the same as ARP poisoning
D. floods a DNS server with requests until it can no longer respond

__________ involves using a third party to gain access rights.
A. Transitive access
B. Privilege escalation
C. Active Rights Scaling (ARS)
D. Directory traversal

http

false

session hijacking

session

false

server-side

drive by download

true

true

whatever’ OR full_name LIKE ‘%Mia%’