DETAILED ANSWERS|LATEST
PASS
Bounds checking - ANSWER to set a limit on the amount of data we expect to receive
to set aside storage for that data
*required in most programming languages
* prevents buffer overflows
Race conditions - ANSWER A type of software development vulnerability that occurs
when multiple processes or multiple threads within a process control or share access to a
particular resource, and the correct handling of that resource depends on the proper
ordering or timing of transactions
Input validation - ANSWER a type of attack that can occur when we fail to validate the
input to our applications or take steps to filter out unexpected or undesirable content
Format string attack - ANSWER a type of input validation attacks in which certain print
functions within a programming language can be used to manipulate or view the internal
memory of an application
Authentication attack - ANSWER A type of attack that can occur when we fail to use
strong authentication mechanisms for our applications
Authorization attack - ANSWER A type of attack that can occur when we fail to use
authorization best practices for our applications
1
,Cryptographic attack - ANSWER A type of attack that can occur when we fail to
properly design our security mechanisms when implementing cryptographic controls in our
applications
Client-side attack - ANSWER A type of attack that takes advantage of weaknesses in
the software loaded on client machines or one that uses social engineering techniques to
trick us into going along with the attack
XSS (Cross Site Scripting) - ANSWER an attack carried out by placing code in the form
of a scripting language into a web page or other media that is interpreted by a client
browser
XSRF (cross-site request forgery) - ANSWER an attack in which the attacker places a
link on a web page in such a way that it will be automatically executed to initiate a particular
activity on another web page or application where the user is currently authenticated
SQL Injection Attack - ANSWER Attacks against a web site that take advantage of
vulnerabilities in poorly coded SQL (a standard and common database software application)
applications in order to introduce malicious program code into a company's systems and
networks.
Clickjacking - ANSWER An attack that takes advantage of the graphical display
capabilities of our browser to trick us into clicking on something we might not otherwise
Server-side attack - ANSWER A type of attack on the web server that can target
vulnerabilities such as lack of input validation, improper or inadequate permissions, or
extraneous files left on the server from the development process
Protocol issues, unauthenticated access, arbitrary code execution, and privilege escalation -
ANSWER Name the 4 main categories of database security issues
2
, Web application analysis tool - ANSWER A type of tool that analyzes web pages or
web-based applications and searches for common flaws such as XSS or SQL injection flaws,
and improperly set permissions, extraneous files, outdated software versions, and many
more such items
Protocol issues - ANSWER unauthenticated flaws in network protocols, authenticated
flaws in network protocols, flaws in authentication protocols
Arbitrary code execution - ANSWER An attack that exploits an applications
vulnerability into allowing the attacker to execute commands on a user's computer.
* arbitrary code execution in intrinsic or securable SQL elements
Privilege Escalation - ANSWER An attack that exploits a vulnerability in software to
gain access to resources that the user normally would be restricted from accessing.
* via SQL injection or local issues
Validating user inputs - ANSWER a security best practice for all software
* the most effective way of mitigating SQL injection attacks
Nikto (and Wikto) - ANSWER A web server analysis tool that performs checks for many
common server-side vulnerabilities & creates an index of all the files and directories it can
see on the target web server (a process known as spidering)
Burp suite - ANSWER A well-known GUI web analysis tool that offers a free and
professional version; the pro version includes advanced tools for conducting more in-depth
attacks
Fuzzer - ANSWER A type of tool that works by bombarding our applications with all
manner of data and inputs from a wide variety of sources, in the hope that we can cause the
application to fail or to perform in unexpected ways
3
PASS
Bounds checking - ANSWER to set a limit on the amount of data we expect to receive
to set aside storage for that data
*required in most programming languages
* prevents buffer overflows
Race conditions - ANSWER A type of software development vulnerability that occurs
when multiple processes or multiple threads within a process control or share access to a
particular resource, and the correct handling of that resource depends on the proper
ordering or timing of transactions
Input validation - ANSWER a type of attack that can occur when we fail to validate the
input to our applications or take steps to filter out unexpected or undesirable content
Format string attack - ANSWER a type of input validation attacks in which certain print
functions within a programming language can be used to manipulate or view the internal
memory of an application
Authentication attack - ANSWER A type of attack that can occur when we fail to use
strong authentication mechanisms for our applications
Authorization attack - ANSWER A type of attack that can occur when we fail to use
authorization best practices for our applications
1
,Cryptographic attack - ANSWER A type of attack that can occur when we fail to
properly design our security mechanisms when implementing cryptographic controls in our
applications
Client-side attack - ANSWER A type of attack that takes advantage of weaknesses in
the software loaded on client machines or one that uses social engineering techniques to
trick us into going along with the attack
XSS (Cross Site Scripting) - ANSWER an attack carried out by placing code in the form
of a scripting language into a web page or other media that is interpreted by a client
browser
XSRF (cross-site request forgery) - ANSWER an attack in which the attacker places a
link on a web page in such a way that it will be automatically executed to initiate a particular
activity on another web page or application where the user is currently authenticated
SQL Injection Attack - ANSWER Attacks against a web site that take advantage of
vulnerabilities in poorly coded SQL (a standard and common database software application)
applications in order to introduce malicious program code into a company's systems and
networks.
Clickjacking - ANSWER An attack that takes advantage of the graphical display
capabilities of our browser to trick us into clicking on something we might not otherwise
Server-side attack - ANSWER A type of attack on the web server that can target
vulnerabilities such as lack of input validation, improper or inadequate permissions, or
extraneous files left on the server from the development process
Protocol issues, unauthenticated access, arbitrary code execution, and privilege escalation -
ANSWER Name the 4 main categories of database security issues
2
, Web application analysis tool - ANSWER A type of tool that analyzes web pages or
web-based applications and searches for common flaws such as XSS or SQL injection flaws,
and improperly set permissions, extraneous files, outdated software versions, and many
more such items
Protocol issues - ANSWER unauthenticated flaws in network protocols, authenticated
flaws in network protocols, flaws in authentication protocols
Arbitrary code execution - ANSWER An attack that exploits an applications
vulnerability into allowing the attacker to execute commands on a user's computer.
* arbitrary code execution in intrinsic or securable SQL elements
Privilege Escalation - ANSWER An attack that exploits a vulnerability in software to
gain access to resources that the user normally would be restricted from accessing.
* via SQL injection or local issues
Validating user inputs - ANSWER a security best practice for all software
* the most effective way of mitigating SQL injection attacks
Nikto (and Wikto) - ANSWER A web server analysis tool that performs checks for many
common server-side vulnerabilities & creates an index of all the files and directories it can
see on the target web server (a process known as spidering)
Burp suite - ANSWER A well-known GUI web analysis tool that offers a free and
professional version; the pro version includes advanced tools for conducting more in-depth
attacks
Fuzzer - ANSWER A type of tool that works by bombarding our applications with all
manner of data and inputs from a wide variety of sources, in the hope that we can cause the
application to fail or to perform in unexpected ways
3
