Security+ Network Security Fundamentals Chapter 3 & 4

Because the XSS is a widely known attack, the number of Web sites that are vulnerable is very small.
Because of the minor role it plays, DNS is never the focus of attacks.
What language below is used to view and manipulate data that is stored in a relational database?
whatever’ AND email IS NULL; —
Which SQL statement represents a SQL injection attempt to determine the names of different fields in a database?
whatever’ AND 1=(SELECT COUNT(*) FROM tabname); —
Which SQL injection statement example below could be used to discover the name of the table?
whatever’ OR full_name LIKE ‘%Mia%’
Choose the SQL injection statement example below that could be used to find specific users
whatever’; DROP TABLE members; —
Which SQL injection statement can be used to erase an entire database table?
Although traditional network security devices can block traditional network attacks, they cannot always block Web application attacks.
HTML uses which option below within embedded brackets (< >) causing a web browser to display text in a specific format?
ARP poisoning is successful because there are few authentication procedures to verify ARP requests and replies.
What language below is designed to display data, with a primary focus on how the data looks?
XSS attacks occur when an attacker takes advantage of web applications that accept user input without validating it and then present it back to the user.​
What language below is for the transport and storage of data, with the focus on what the data is?
To what specific directory are users generally restricted to on a web server?
C:Inetpub wwwroot
The default root directory of the Microsoft Internet Information Services (IIS) Web server is located at which directory below?
Select below the string of characters that can be used to traverse up one directory level from the root directory:
Attacks that take place against web based services are considered to be what type of attack?
A user has become compromised as a result of visiting a specific web page, without clicking on any kind of content. What type of attack has occurred?
HTTP header
What portion of the HTTP packet consists of fields that contain information about the characteristics of the data being transmitted?
Session hijacking
An attack in which the attacker attempts to impersonate the user by using his or her session token is known as:
Which type of attack below is similar to a passive man-in-the-middle attack?
When TCP/IP was developed, the host table concept was expanded into a hierarchical name system for matching computer names and numbers using this service:
DNS poisoning
How can an attacker substitute a DNS address so that a computer is automatically redirected to another device?
zone transfer
The exchange of information among DNS servers regarding configured zones is known as:
​Privilege escalation
On a compromised computer, you have found that a user without administrative privileges was able to perform a task limited to only administrative accounts. What type of exploit has occurred?​
HTTP – Hypertext Transport Protocol
A web browser makes a request for a web page using the ________________.
A(n) ____________________ cookie is stored in Random Access Memory (RAM), instead of on the hard drive, and only lasts for the duration of visiting the Web site.
The predecessor to today’s Internet was a network known as ____________________.
Ethernet LAN networks utilize the physical _________________ address to send packets.​
A TCP/IP communication begins with a control message, known as a ________________, to initialize the connection.​
Match the following terms to the appropriate definitions.​

An attack that corrupts the ARP cache​

An attack that occurs when a process attempts to store data in RAM beyond the boundaries of a fixed-length storage buffer​

Injecting and executing commands to execute on a server​

​An attack that injects scripts into a web application server to direct attacks at clients.

​A form of verification used when accessing a secure web application

​An attack that uses the Internet Control Message Protocol (ICMP) to flood a victim with packets.

​An attack that substitutes DNS addresses so that the computer is automatically redirected to an attacker’s device.

​An attack that broadcasts a ping request to computers yet changes the address so that all responses are sent to the victim.

​Part of the TCP/IP protocol for determining the MAC address based on the IP address.

​Another name for locally shared object (LSO)

​Address Resolution Protocol (ARP)

ARP Poisoning​

​Buffer overflow attack

Command injection​

​Cross-site scripting (XSS)

​DNS poisoning

​Flash cookie

​Ping flood

​Session token

Smurf attack

Combination padlocks consist of buttons that must be pushed in the proper sequence in order to be unlocked.
Tailgate sensors
Cipher locks are sometimes combined with what type of sensor, which uses infrared beams that are aimed across a doorway?
physical token
Instead of using a key or entering a code to open a door, a user can use an object, such as an ID badge, to identify themselves in order to gain access to a secure area. What term describes this type of object?
Radio Frequency Identification tag (RFID)
Proximity readers utilize a special type of tag that can be affixed to the inside of an ID badge. What is the name for this type of tag?
What is the maximum effective range of a typical passive RFID tag?
Keyed entry locks are much more difficult to defeat than deadbolt locks.
Using a mantrap
How can an area be made secure from a non-secured area via two interlocking doors to a small room?
DLP agent sensors are unable to read inside compressed files and binary files.​
What type of video surveillance is typically used by banks, casinos, airports, and military installations, and commonly employs guards who actively monitor the surveillance?
cable lock
Most portable devices, and some computer monitors, have a special steel bracket security slot built into the case, which can be used in conjunction with a:
A spiked collar that extends horizontally for up to 3 feet from the pole is an example of what kind of technology?
roller barrier
An independently rotating large cup affixed to the top of a fence prevents the hands of intruders from gripping the top of a fence to climb over it. What is the name for this technology?
What is the name for a standard or checklist against which systems can be evaluated and audited for their level of security (security posture)?
Resolution settings
Which of the following is not one of the types of settings that would be included in a Microsoft Windows security template?
service pack
What is the name for a cumulative package of all patches and hotfixes as well as additional features up to a given point?
heuristic detection
Instead of trying to make a match, modern AV techniques are beginning to use a type of detection that attempts to identify the characteristics of a virus. What is the name for this technique?
What type of device, sometimes called a packet filter, is designed to prevent malicious network packets from entering or leaving computers or networks?
Data Loss Prevention
Select the tool below that consists of a system of security tools that is used to recognize and identify data that is critical to an organization and ensure that it is protected:
Content inspection
Most DLP systems make use of what method of security analysis below?
​Static analysis
Anti-virus products typically utilize what type of virus scanning analysis?​
​Bayesian filtering
​What type of filtering utilizes a an analysis of the content of spam messages in comparison to neutral / non-spam messages in order to make intelligent decisions as to what should be considered spam?
Securing the host involves protecting the physical device itself, securing the operating system software on the system, using security-based software applications, and monitoring logs.
​Embedded system
A system such as a printer, smart TV, or HVAC controller, typically uses an operating system on what is called a:
​Escaping user responses
What is the best way to prevent data input by a user from having potentially malicious effects on software?​
DLP agent sensors are installed on each host device, and monitor for actions such as printing, copying to a USB flash drive, and burning to a CD or DVD.
____________________ locks keep a record of when the door was opened and by which code.
access list
A(n) ____________________ is a record or list of individuals who have permission to enter a secure area, the time that they entered, and the time they left the area.
____________________ security is the physical security that specifically involves protecting the hardware of the host system, particularly portable laptops, netbooks, and tablet computers that can easily be stolen.
____________________ paint is a nontoxic petroleum gel-based paint that is thickly applied and does not harden, making any coated surface very difficult to climb.
security policy
A _____________ is a document or series of documents that clearly defines the defense mechanisms an organization will employ in order to keep information secure.​
​Access list

​Activity phase controls



​Bayesian filtering

​Cross-site request forgery (XSRF)

​Fuzz testing



Supervisory control and data acquisition (SCADA)

​Match the following terms to the appropriate definitions.​

​An operating system for Google Android smartphones and other devices.

A mobile operating system for Apple iPhones​

​A nonrelational database that is better tuned for accessing large data sets.

Spam filtering software that analyzes every word in an email and determines how frequently a word occurs in order to determine if it is spam.​

​A paper or electronic record of individuals who have permission to enter a secure area, the time that they entered, and the time they left the area

​Large-scale, industrial control systems.

​A software testing technique that deliberately provides invalid, unexpected, or random data as inputs to a computer program.

A structure designed to block the passage of traffic​

​An attack that uses the user’s web browser settings to impersonate the user

Subtypes of security controls, classified as deterrent, preventive, detective, compensation, or corrective.​