Which of the following programs is usually targeted at Microsoft Office products?
Polymorphic virus
Multipart virus
Stealth virus
Macro virus SHOW ANSWERWhich of the following viruses tries to hide from anti-virus programs by actively altering and corrupting the chosen service call interruptions when they are being run?
Cavity virus
Tunneling virus
Polymorphic virus
Stealth virus
SHOW ANSWERA hacker has successfully infected an internet-facing server which he will then use to send junk mail, take part in coordinated attacks, or host junk email content.
Which sort of trojan infects this server?
Turtle Trojans
Banking Trojans
Botnet Trojan
Ransomware Trojans
SHOW ANSWERJesse receives an email with an attachment labeled “Court_Notice_21206.zip”. Inside the zip file is a file named “Court_Notice_21206.docx.exe” disguised as a word document. Upon execution, a window appears stating, “This word document is corrupt.” In the background, the file copies itself to Jesse APPDATA\local directory and begins to beacon to a C2 server to download additional malicious binaries.
What type of malware has Jesse encountered?
Macro Virus
Worm
Key-Logger
SHOW ANSWERWhich of the following is a serious vulnerability in the popular OpenSSL cryptographic software library. This weakness allows stealing the information protected, under normal conditions, by the SSL/TLS encryption used to secure the Internet.
Heartbleed BugPOODLE
SSL/TLS Renegotiation Vulnerability
Shellshock
SHOW ANSWERThe Heartbleed bug was discovered in 2014 and is widely referred to under MITRE’s Common Vulnerabilities and Exposures (CVE) as CVE-2014-0160. This bug affects the OpenSSL implementation of the transport layer security (TLS) protocols defined in RFC6520. What type of key does this bug leave exposed to the Internet making exploitation of any compromised system very easy?
Root
Shared
Public
Private
SHOW ANSWERRebecca commonly sees an error on her Windows system that states that a Data Execution Prevention (DEP) error has taken place. Which of the following is most likely taking place ?
Malware is executing in either ROM or a cache memory area.
Malicious code is attempting to execute instruction
in a non-executable memory region.
A race condition is being exploited, and the operating system is containing the malicious process
A page fault is occurring, which forces the operating system to write data from the hard drive
SHOW ANSWERIdentify the web application attack where the attackers exploit vulnerabilities in dynamically generated web pages to inject client-side script into web pages viewed by other users
Cross-Site Request Forgery
LDAP Injection attack
SQL injection attack
SHOW ANSWERA company’s Web development team has become aware of a certain type of security vulnerability in their Web software. To mitigate the possibility of this vulnerability being exploited, the team wants to modify the software requirements to disallow users from entering HTML as input into their Web application.
What kind of Web application vulnerability likely exists in their software?
Session management vulnerability
Cross-site Request Forgery vulnerability
Cross-site scripting vulnerabilitySQL injection vulnerability
SHOW ANSWERAn attacker changes the profile information of a particular user (victim) on the target website. The attacker uses this string to update the victim’s profile to a text file and then submit the data to the attacker’s database.
< iframe src=””http://www.vulnweb.com/updateif.php”&#8221; style=””display:none”” > < /iframe >
What is this type of attack (that can use either HTTP GET or HTTP POST) called?
SQL Injection
Cross-Site Scripting
Browser Hacking
Cross-Site Request Forgery SHOW ANSWERWhich of the following programming languages is most susceptible to buffer overflow attacks, due to its lack of
a built-in-bounds checking mechanism?
Code:
#include
int main(){
char buffer[8];
strcpy(buffer, ““11111111111111111111111111111””);
}
Output:
Segmentation fault
C#
Python
Java
C++
SHOW ANSWER#!/usr/bin/python
import socket
buffer=[“A”]counter=50
while len(buffer)<=100:
buffer.apend (“A”*counter)
counter=counter+50
commands=
[“HELP”,“STATS.”,“RTIME.”,“LTIME.”,“SRUN.”,“TRUN.”,“GMON.”,“GDOG.”,“KSTET.”,“GTER.”,“HTER.”,“LTER.
”,“KSTAN.”]
for command in commands:
for buffstring in buffer:
print “Exploiting” +command+“:”+str(len(buffstring))
s=socket.socket(socket.AF_INET.socket.SOCK_STREAM)
s.connect((‘127.0.0.1’,9999))
s.recv(50)
s.send(command+buffstring)
s.close()
What is the code written for?
Encryption
Bruteforce
Denial-of-service (Dos)
SHOW ANSWERWhen you are testing a web application, it is very useful to employ a proxy tool to save every request and response. You can manually test every request and analyze the response to find vulnerabilities. You can test parameter and headers manually to get more precise results than if using web vulnerability scanners.
What proxy tool will help you find web vulnerabilities?
Dimitry
Proxychains
BurpsuiteMaskgen
SHOW ANSWERA tester has been hired to do a web application security test. The tester notices that the site is dynamic and must make use of a back end database. In order for the tester to see if SQL injection is possible, what is the first character that the tester should use to attempt breaking a valid SQL request?
Semicolon
Single quoteDouble quote
Exclamation mark
SHOW ANSWER