  1.  You are examining connection logs from a client machine and come across this entry:
Which attack does this most likely indicate?
A.  Parameter manipulation
B.  XSS
C.  SQL injection
D.  Directory traversal
  2.  A hacker is looking at a publicly facing web front end. One of the pages provides an entry box with the heading “Forgot password? Enter your e-mail address.” In the entry, he types anything' OR '1'='1.
A message appears stating, “Your login information has been sent to [email protected].”
Which of the following is true?
A.  The cross-site scripting attempt has succeeded.
B.  The SQL injection attempt has succeeded.
C.  The parameter tampering has succeeded.
D.  The buffer overflow attempt has succeeded.
  3.  A pen tester is examining a web front end on a target network. The page displays a “Search” text box form entry, allowing the user to search for items on the site. Instead of entering a search text string, the tester enters <script>'It Worked'</script>. After the tester clicks the Search button beside the entry box, a pop-up appears stating, “It Worked.” Which of the following is true regarding this attempt?
A.  The site is vulnerable to XSS.
B.  Coding on the site is poor, and a buffer overflow attack may result in a DoS.
C.  The attacker’s next entry in the Search box should be ' OR '1'='1.
D.  This is expected behavior on properly configured sites.
  4.  Which of the following is representative of a parameter-tampering attack?
  5.  A security administrator is called for advice. The sales staff has noticed a large number of orders being filled at prices far below those posted on the site. After some research, it does not appear that the web server or the underlying SQL database has been directly compromised. Next, the security administrator reviews IDS logs and finds nothing unusual. Additionally, the local logs on the server itself do not show anything indicating a problem. Which of the following is the most likely explanation for the false orders?
A.  The website uses hidden fields for price values, which have been altered by the attacker.
B.  SQL injection has been used to update pricing in the database. After the order was placed, pricing was reset to normal, to cover tracks.
C.  Server-side scripting was used to alter the price.
D.  A tool such as Metasploit was used to carry out the attack.
  6.  A tool named StackGuard is put in place to assist in preventing buffer overflow attacks. Which of the following is used by StackGuard to accomplish this?
A.  Cookies
B.  Input validation
C.  Canary words
D.  CGI manipulation
  7.  The source code of software used by your client seems to have a large number of gets() alongside sparsely used fgets(). What kind of attack is this software potentially susceptible to?
A.  SQL injection
B.  Buffer overflow
C.  Parameter tampering
D.  Cookie manipulation
  8.  Which code entry will stop input at 100 characters?
A.  if (I > 100) then exit (1)
B.  if (I >= 100) then exit (1)
C.  if (I <= 100) then exit (1)
D.  if (I < 100) then exit (1)
  9.  You are examining cookies provided from a target website and come across this sample:
image
Which of the following statements is true regarding this site?
A.  Cookie tampering may provide additional access to information on or through the site.
B.  Cookie tampering is prevented.
C.  An underlying SQL database is in use on this site.
D.  This is a zombie cookie.
10.  Which of the following tools can be used to clone a copy of a website to your machine, to be scrutinized later?
A.  BurpSuite
B.  NetCraft
C.  HttpRecon
D.  BlackWidow
11.  Which character is your best option in testing for SQL injection vulnerability?
A.  The @ symbol
B.  A double dash
C.  The + sign
D.  A single quote
12.  A web administrator asks you for a recommendation on a vulnerability scanner for his server. Which of the following are appropriate choices? (Choose all that apply.)
A.  NetCat
B.  Nessus
C.  Nikto
D.  Nmap
13.  Efforts to gain information from a target website have produced the following error message:
image
Which of the following best describes the error message?
A.  The site may be vulnerable to XSS.
B.  The site may be vulnerable to buffer overflow.
C.  The site may be vulnerable to SQL injection.
D.  The site may be vulnerable to a malware injection.
14.  Which buffer overflow attack is designed to make use of memory that remains in use while a program is running?
A.  Stack
B.  Heap
C.  Active
D.  Permanent
15.  Which of the following is a standard method for web servers to pass a user’s request to an application program and receive data back to forward to the user?
A.  SSI
B.  SSL
C.  CGI
D.  CSI
16.  Which of the following are true given the following URL? (Choose all that apply.) http://www.anybiz.com/%c0%af%c0%af%c0%af%c0%af%c0%af%c0%af%c0%af/windowssystem32cmd.exe
A.  The attacker is attempting a buffer overflow.
B.  The attacker is attempting directory traversal.
C.  The attacker is using SQL code.
D.  The attacker is using Unicode.
17.  Which of the following can be used for remote password cracking of web servers? (Choose all that apply.)
A.  Brutus
B.  Nikto
C.  THC-Hydra
D.  Nessus
18.  An attacker is attempting to elevate privileges on a machine by using Java or other functions, through nonvalidated input, to cause the server to execute a malicious piece of code and provide command-line access. Which of the following best describes this action?
A.  Shell injection
B.  File injection
C.  SQL injection
D.  URL injection
19.  Which Windows-based web security scanner is known for its fuzzy logic code checking?
A.  Nessus
B.  Nikto
C.  Wikto
D.  Sandcat
20.  HTML forms include several methods for transferring data back and forth. Inside a form, which of the following encodes the input into the Uniform Resource Identifier (URI)?
A.  HEAD
B.  PUT
C.  GET
D.  POST
21.  An attacker is looking at a target website and is viewing an account from the store on URL http://www.anybiz.com/store.php?id=2. He next enters the following URL:
The web page loads normally. He then enters the following URL:
A generic page noting “An error has occurred” appears.
Which of the following is a correct statement concerning these actions?
A.  The site is vulnerable to cross-site scripting.
B.  The site is vulnerable to blind SQL injection.
C.  The site is vulnerable to buffer overflows.
D.  The site is not vulnerable to SQL injection.
22.  Which of the following are valid methods to harden a web server? (Choose all that apply.)
A.  Ensure patching is kept up to date.
B.  Remove nonessential applications.
C.  Remove or disable nonessential ports and protocols.
D.  Allow remote access via Telnet.
E.  Keep web applications and scripts on the same partition as the operating system.
F.  Use secure coding techniques.
23.  An attacker is viewing a blog entry showing a news story and asking for comments. In the comment field, the attacker enters the following:
image
What is the attacker attempting to perform?
A.  A SQL injection attack against the blog’s underlying database
B.  A cross-site scripting attack
C.  A buffer overflow DoS attack
D.  A file injection DoS attack
24.  An attacker attempts to manipulate an application by advancing the instruction pointer with a long run of instructions containing no action. What is this attack called?
A.  File injection
B.  Stack flipping
C.  NOP sled
D.  Heap based
25.  You are examining website files and find the following text file:
image
Which of the following is a true statement concerning this file?
A.  All web crawlers are prevented from indexing the listing.html page.
B.  All web crawlers are prevented from indexing all pages on the site.
C.  The Googlebot crawler is allowed to index pages starting with /tmp/.
D.  The Googlebot crawler can access and index everything on the site except for pages starting with /tmp/.