CompTIA Security+ SY0-601 - 1.3 Nyberg Questions and Answers 100% Verified

Privilege Escalation - An attack that exploits a vulnerability in software to gain access to resources that the user normally would be restricted from accessing. Cross-Site Scripting (XSS) - An attack that injects scripts into a Web application server to direct attacks at clients. SQL Injection - A type of malformed input that takes advantage of an appropriate true conditional logic statement adding a request for data that is against the security policy. DLL (Dynamic Link Library) - A compiled set of code that can be called from other programs. SQL - Structured Query Language. Used to communicate with databases. DLL injection - A piece of malware designed to run code into the address space of another process by forcing it to load a library and execute the code. LDAP (Lightweight Directory Access Protocol) - A communications protocol that defines how a client can access information, perform operations, and share directory data on a server. LDAP injection attack - Attempts to access or modify data hosted on directory service servers. XML (Extensible Markup Language) - A markup language that is designed to carry data instead of indicating how to display it. XML injection - An attack that injects tags and data into a data set or process. Pointer dereference - A programming practice that uses a pointer to reference a memory area. A failed dereference operation can corrupt memory and sometimes even cause an application to crash.Pointer dereference (Memory/buffer vulnerability) - This act changes the meaning of a pointer object (in some computer languages) to the contents of the memory location, not the memory location as identified by the pointer. This can be dangerous, as mistakes in their use can lead to unexpected consequences.