Written by students who passed Immediately available after payment Read online or as PDF Wrong document? Swap it for free 4.6 TrustPilot
logo-home
Exam (elaborations)

C836 Wgu Complete With Complete Answers 100- Rated.A+.

Rating
-
Sold
-
Pages
16
Grade
A+
Uploaded on
11-12-2025
Written in
2025/2026

C836 Wgu Complete With Complete Answers 100- Rated.A+.

Institution
WGU
Course
WGU

Content preview

1. bounds checking: tosetalimitontheamountofdataweexpecttoreceivetosetasidestorageforthatdata
n n n n n n n n n n n n n n n n n n n n n




*requiredinmostprogramminglanguages n n n n




* preventsbutter overflows n n




2. race conditions: A type of software development vulnerability that occurs when multiple processes or multiple threads
n n n n n n n n n n n n n n n




withinaprocesscontrolorshareaccesstoaparticularresource,andthe correcthandlingofthat resource depends on the
n n n n n n n n n n n n n n n n n n n n n




proper ordering or timing of transactions
n n n n n n




3. input validation: atypeofattackthatcanoccurwhenwefailtovalidatetheinputtoourapplications ortake
n n n n n n n n n n n n n n n n n n n n




steps to filter out unexpected or undesirable content
n n n n n n n




4. format string attack: a type of input validation attacks in which certain print functions within a program- ming
n n n n n n n n n n n n n n n n n




language can be used to manipulate or view the internal memory of an application
n n n n n n n n n n n n n n




5. authentication attack: A type of attack that can occur when we fail to use strong authentication mecha- nisms
n n n n n n n n n n n n n n n n n




forourapplications
n n n




6. authorization attack: A type of attack thatcan occur when wefailtouse authorization best practices for our
n n n n n n n n n n n n n n n n n n




applications
n




7. cryptographic attack: A type of attack that can occur when we fail to properly design our security
n n n n n n n n n n n n n n n n




mechanisms when implementing cryptographic controls in our applications
n n n n n n n n




8. client-side attack: Atypeofattackthattakesadvantageofweaknessesinthesoftwareloadedonclient
n n n n n n n n n n n n n n n n




machines or one that uses social engineering techniques to trick us into going along with the attack
n n n n n n n n n n n n n n n n n




9. XSS (Cross Site Scripting): an attack carried out by placing code in the form of a scripting language into a web
n n n n n n n n n n n n n n n n n n n n




page or other media that is interpreted by a client browser
n n n n n n n n n n n




10. XSRF (cross-site request forgery): anattackinwhichtheattackerplacesalinkonawebpagein such a way
n n n n n n n n n n n n n n n n n n n n




that it will be automatically executed to initiate a particular activity on another web page or application where the user is
n n n n n n n n n n n n n n n n n n n n n




currently authenticated
n n




11. clickjacking: Anattackthattakesadvantageofthegraphicaldisplaycapabilitiesofourbrowsertotrickusinto
n n n n n n n n n n n n n n n n n




clickingonsomethingwe mightnot otherwise
n n n n n n




n n

,12. server-side attack: A type of attack on the webserver that can target vulnerabilities suchaslackof input validation,
n n n n n n n n n n n n n n n n n n n




improper or inadequate permissions, or extraneous files left on the server from the development process
n n n n n n n n n n n n n n n




13. Protocol issues, unauthenticated access, arbitrary code execution, and priv-
n n n n n n n n




nilege escalation: Namethe4maincategoriesofdatabasesecurityissues
n n n n n n n n n n




14. web application analysis tool: A type of tool that analyzes web pages or web-based applications and
n n n n n n n n n n n n n n n




searches for common flaws such as XSS or SQL injection flaws, and improperly set permissions, extraneous files, outdated
n n n n n n n n n n n n n n n n n n




software versions, and many more such items
n n n n n n n





n n

, 15. protocol issues: unauthenticated flaws in network protocols, authenticated flaws in network protocols, flaws in
n n n n n n n n n n n n n




authentication protocols
n n




16. arbitrary code execution: An attack that exploits an applications vulnerability into allowing the attacker to
n n n n n n n n n n n n n n




execute commands on a user's computer.
n n n n n n




* arbitrary code execution in intrinsic or securable SQL elements
n n n n n n n n




17. PrivilegeEscalation:Anattackthatexploitsavulnerabilityinsoftwaretogainaccesstoresourcesthatthe user
n n n n n n n n n n n n n n n n n




normally would be restricted from accessing.
n n n n n n




* viaSQLinjectionorlocalissues
n n n n n




18. validating user inputs: a security best practice for all software n n n n n n n n n




* themostettectivewayofmitigatingSQLinjectionattacks
n n n n n n n n




19. Nikto (and Wikto): Awebserveranalysistoolthatperformschecksformanycommonserver-sidevulner- abilities
n n n n n n n n n n n n n n n n




& creates an index of all the files and directories it can see on the target web server (a process known as spidering)
n n n n n n n n n n n n n n n n n n n n n n n




20. burp suite: Awell-knownGUIwebanalysistoolthatottersafreeandprofessionalversion;theproversion
n n n n n n n n n n n n n n n n n




includes advanced tools for conducting more in-depth attacks
n n n n n n n




21. fuzzer: A type of tool that works by bombarding our applications with all manner of data and inputs from a wide variety of
n n n n n n n n n n n n n n n n n n n n n n




sources, in the hope that we can cause the application to fail or to perform in unexpected ways
n n n n n n n n n n n n n n n n n n




22. MiniFuzz File Fuzzer: Atooldeveloped byMicrosofttofindflawsinfile-handlingsourcecode
n n n n n n n n n n n n n n




23. BinScope Binary Analyzer:AtooldevelopedbyMicrosofttoexaminesourcecodeforgeneralgood n n n n n n n n n n n n n n




practices
n




24. SDL Regex Fuzzer: A tool developed by Microsoftfor testing certain pattern-matching expressions for
n n n n n n n n n n n n n




potential vulnerabilities
n n




25. good sources of secure coding guidelines: CERT, NIST 800, BSI, an organization's internal coding
n n n n n n n n n n n n n




guidelines
n




26. OS hardening: the process of reducing the number of available avenuesthrough which our OS might be
n n n n n n n n n n n n n n n n




attacked
n




27. attack surface: The total of the areas through which our operating system might be attacked
n n n n n n n n n n n n n n




28. 6 main hardening categories: 1.Removingunnecessarysoftware
n n n n n n n




2. Removing or turning ott unessential services n n n n n




3. Making alterations to common accounts n n n n




4. Applying the principle of least privilege n n n n n





n n

Document information

Uploaded on
December 11, 2025
Number of pages
16
Written in
2025/2026
Type
Exam (elaborations)
Contains
Questions & answers

Subjects

$14.99
Get access to the full document:

Wrong document? Swap it for free Within 14 days of purchase and before downloading, you can choose a different document. You can simply spend the amount again.
Written by students who passed
Immediately available after payment
Read online or as PDF

Get to know the seller
Seller avatar
SOLANAWRITTERS

Get to know the seller

Seller avatar
SOLANAWRITTERS Chamberlain College Nursing
View profile
Follow You need to be logged in order to follow users or courses
Sold
2
Member since
9 months
Number of followers
2
Documents
364
Last sold
7 months ago
WISDOMSHUB

Nursing Being my main profession line, My mission is to be your LIGHT in the dark. If you're worried or having trouble in nursing school, I really want my notes to be your guide! I know they have helped countless others get through and that's all I want for YOU!

0.0

0 reviews

5
0
4
0
3
0
2
0
1
0

Why students choose Stuvia

Created by fellow students, verified by reviews

Quality you can trust: written by students who passed their tests and reviewed by others who've used these notes.

Didn't get what you expected? Choose another document

No worries! You can instantly pick a different document that better fits what you're looking for.

Pay as you like, start learning right away

No subscription, no commitments. Pay the way you're used to via credit card and download your PDF document instantly.

Student with book image

“Bought, downloaded, and aced it. It really can be that simple.”

Alisha Student

Working on your references?

Create accurate citations in APA, MLA and Harvard with our free citation generator.

Working on your references?

Frequently asked questions