Which of the following programs is usually targeted at Microsoft Office products?

 

Which of the following viruses tries to hide from anti-virus programs by actively altering and corrupting the chosen service call interruptions when they are being run?

 

A hacker has successfully infected an internet-facing server which he will then use to send junk mail, take part in coordinated attacks, or host junk email content.
Which sort of trojan infects this server?

 

Jesse receives an email with an attachment labeled “Court_Notice_21206.zip”. Inside the zip file is a file named “Court_Notice_21206.docx.exe” disguised as a word document. Upon execution, a window appears stating, “This word document is corrupt.” In the background, the file copies itself to Jesse APPDATA\local directory and begins to beacon to a C2 server to download additional malicious binaries.
What type of malware has Jesse encountered?

Which of the following is a serious vulnerability in the popular OpenSSL cryptographic software library. This weakness allows stealing the information protected, under normal conditions, by the SSL/TLS encryption used to secure the Internet.

The Heartbleed bug was discovered in 2014 and is widely referred to under MITRE’s Common Vulnerabilities and Exposures (CVE) as CVE-2014-0160. This bug affects the OpenSSL implementation of the transport layer security (TLS) protocols defined in RFC6520. What type of key does this bug leave exposed to the Internet making exploitation of any compromised system very easy?

Rebecca commonly sees an error on her Windows system that states that a Data Execution Prevention (DEP) error has taken place. Which of the following is most likely taking place ?

Identify the web application attack where the attackers exploit vulnerabilities in dynamically generated web pages to inject client-side script into web pages viewed by other users

 

A company’s Web development team has become aware of a certain type of security vulnerability in their Web software. To mitigate the possibility of this vulnerability being exploited, the team wants to modify the software requirements to disallow users from entering HTML as input into their Web application.
What kind of Web application vulnerability likely exists in their software?

 

An attacker changes the profile information of a particular user (victim) on the target website. The attacker uses this string to update the victim’s profile to a text file and then submit the data to the attacker’s database.
< iframe src=””http://www.vulnweb.com/updateif.php”” style=””display:none”” > < /iframe >
What is this type of attack (that can use either HTTP GET or HTTP POST) called?

Which of the following programming languages is most susceptible to buffer overflow attacks, due to its lack of
a built-in-bounds checking mechanism?
Code:
#include
int main(){
char buffer[8];
strcpy(buffer, ““11111111111111111111111111111””);
}
Output:
Segmentation fault

#!/usr/bin/python
import socket
buffer=[“A”]counter=50
while len(buffer)<=100:
buffer.apend (“A”*counter)
counter=counter+50
commands=
[“HELP”,“STATS.”,“RTIME.”,“LTIME.”,“SRUN.”,“TRUN.”,“GMON.”,“GDOG.”,“KSTET.”,“GTER.”,“HTER.”,“LTER.
”,“KSTAN.”]
for command in commands:
for buffstring in buffer:
print “Exploiting” +command+“:”+str(len(buffstring))
s=socket.socket(socket.AF_INET.socket.SOCK_STREAM)
s.connect((‘127.0.0.1’,9999))
s.recv(50)
s.send(command+buffstring)
s.close()
What is the code written for?

When you are testing a web application, it is very useful to employ a proxy tool to save every request and response. You can manually test every request and analyze the response to find vulnerabilities. You can test parameter and headers manually to get more precise results than if using web vulnerability scanners.
What proxy tool will help you find web vulnerabilities?

 

A tester has been hired to do a web application security test. The tester notices that the site is dynamic and must make use of a back end database. In order for the tester to see if SQL injection is possible, what is the first character that the tester should use to attempt breaking a valid SQL request?