C836 WGU COMPLETE QUESTIONS
& ANSWERS(RATED A+)
bounds checking - ANSWERto set a limit on the amount of data we expect to receive
to set aside storage for that data
*required in most programming languages
* prevents buffer overflows
race conditions - ANSWERA type of software development vulnerability that occurs
when multiple processes or multiple threads within a process control or share access
to a particular resource, and the correct handling of that resource depends on the
proper ordering or timing of transactions
input validation - ANSWERa type of attack that can occur when we fail to validate the
input to our applications or take steps to filter out unexpected or undesirable content
format string attack - ANSWERa type of input validation attacks in which certain print
functions within a programming language can be used to manipulate or view the
internal memory of an application
authentication attack - ANSWERA type of attack that can occur when we fail to use
strong authentication mechanisms for our applications
XSS (Cross Site Scripting) - ANSWERan attack carried out by placing code in the
form of a scripting language into a web page or other media that is interpreted by a
client browser
XSRF (cross-site request forgery) - ANSWERan attack in which the attacker places
a link on a web page in such a way that it will be automatically executed to initiate a
particular activity on another web page or application where the user is currently
authenticated
clickjacking - ANSWERAn attack that takes advantage of the graphical display
capabilities of our browser to trick us into clicking on something we might not
otherwise
server-side attack - ANSWERA type of attack on the web server that can target
vulnerabilities such as lack of input validation, improper or inadequate permissions,
or extraneous files left on the server from the development process
Protocol issues, unauthenticated access, arbitrary code execution, and privilege
escalation - ANSWERName the 4 main categories of database security issues
web application analysis tool - ANSWERA type of tool that analyzes web pages or
web-based applications and searches for common flaws such as XSS or SQL
,injection flaws, and improperly set permissions, extraneous files, outdated software
versions, and many more such items
protocol issues - ANSWERunauthenticated flaws in network protocols, authenticated
flaws in network protocols, flaws in authentication protocols
arbitrary code execution - ANSWERAn attack that exploits an applications
vulnerability into allowing the attacker to execute commands on a user's computer.
* arbitrary code execution in intrinsic or securable SQL elements
Privilege Escalation - ANSWERAn attack that exploits a vulnerability in software to
gain access to resources that the user normally would be restricted from accessing.
* via SQL injection or local issues
authorization attack - ANSWERA type of attack that can occur when we fail to use
authorization best practices for our applications
cryptographic attack - ANSWERA type of attack that can occur when we fail to
properly design our security mechanisms when implementing cryptographic controls
in our applications
client-side attack - ANSWERA type of attack that takes advantage of weaknesses in
the software loaded on client machines or one that uses social engineering
techniques to trick us into going along with the attack
validating user inputs - ANSWERa security best practice for all software
* the most effective way of mitigating SQL injection attacks
Nikto (and Wikto) - ANSWERA web server analysis tool that performs checks for
many common server-side vulnerabilities & creates an index of all the files and
directories it can see on the target web server (a process known as spidering)
burp suite - ANSWERA well-known GUI web analysis tool that offers a free and
professional version; the pro version includes advanced tools for conducting more in-
depth attacks
fuzzer - ANSWERA type of tool that works by bombarding our applications with all
manner of data and inputs from a wide variety of sources, in the hope that we can
cause the application to fail or to perform in unexpected ways
MiniFuzz File Fuzzer - ANSWERA tool developed by Microsoft to find flaws in file-
handling source code
BinScope Binary Analyzer - ANSWERA tool developed by Microsoft to examine
source code for general good practices
SDL Regex Fuzzer - ANSWERA tool developed by Microsoft for testing certain
pattern-matching expressions for potential vulnerabilities
, good sources of secure coding guidelines - ANSWERCERT, NIST 800, BSI, an
organization's internal coding guidelines
OS hardening - ANSWERthe process of reducing the number of available avenues
through which our OS might be attacked
attack surface - ANSWERThe total of the areas through which our operating system
might be attacked
6 main hardening categories - ANSWER1. Removing unnecessary software
2. Removing or turning off unessential services
3. Making alterations to common accounts
4. Applying the principle of least privilege
5. Applying software updates in a timely manner
6. Making use of logging and auditing functions
Principle of Least Privilege - ANSWERstates we should only allow a party the
absolute minimum permission needed for it to carry out its function
stuxnet - ANSWERA particularly complex and impactful item of malware that
targeted the Supervisory Control and Data Acquisition (SCADA) systems that run
various industrial processes; this piece of malware raised the bar for malware from
largely being a virtual-based attack to actually being physically destructive
anti-malware tool - ANSWERA type of tool that uses signature matching or anomaly
detection (heuristics) to detect malware threats, either in real-time or by performing
scans of files and processes
heuristics - ANSWERthe process of anomaly detection used by anti-malware tools to
detect malware without signatures
executable space protection - ANSWERA hardware and software-based technology
that prevents certain portions of the memory used by the operating system and
applications from being used to execute code
buffer overflow (overrun) - ANSWERThe act of inputting more data than an
application is expecting from a particular input, creating the possibility of executing
commands by specifically crafting the excess data
ASLR (Address Space Layout Randomization) - ANSWERa security method that
involves shifting the contents of memory around to make tampering difficult
software firewall - ANSWERThis type of firewall generally contains a subset of the
features on a large firewall appliance but is often capable of similar packet filtering
and stateful packet inspection activities
HIDS (host-based intrusion detection system) - ANSWERa system used to analyze
the activities on or directed at the network interface of a particular host.
* may communicate with management device by sending regular beacons
& ANSWERS(RATED A+)
bounds checking - ANSWERto set a limit on the amount of data we expect to receive
to set aside storage for that data
*required in most programming languages
* prevents buffer overflows
race conditions - ANSWERA type of software development vulnerability that occurs
when multiple processes or multiple threads within a process control or share access
to a particular resource, and the correct handling of that resource depends on the
proper ordering or timing of transactions
input validation - ANSWERa type of attack that can occur when we fail to validate the
input to our applications or take steps to filter out unexpected or undesirable content
format string attack - ANSWERa type of input validation attacks in which certain print
functions within a programming language can be used to manipulate or view the
internal memory of an application
authentication attack - ANSWERA type of attack that can occur when we fail to use
strong authentication mechanisms for our applications
XSS (Cross Site Scripting) - ANSWERan attack carried out by placing code in the
form of a scripting language into a web page or other media that is interpreted by a
client browser
XSRF (cross-site request forgery) - ANSWERan attack in which the attacker places
a link on a web page in such a way that it will be automatically executed to initiate a
particular activity on another web page or application where the user is currently
authenticated
clickjacking - ANSWERAn attack that takes advantage of the graphical display
capabilities of our browser to trick us into clicking on something we might not
otherwise
server-side attack - ANSWERA type of attack on the web server that can target
vulnerabilities such as lack of input validation, improper or inadequate permissions,
or extraneous files left on the server from the development process
Protocol issues, unauthenticated access, arbitrary code execution, and privilege
escalation - ANSWERName the 4 main categories of database security issues
web application analysis tool - ANSWERA type of tool that analyzes web pages or
web-based applications and searches for common flaws such as XSS or SQL
,injection flaws, and improperly set permissions, extraneous files, outdated software
versions, and many more such items
protocol issues - ANSWERunauthenticated flaws in network protocols, authenticated
flaws in network protocols, flaws in authentication protocols
arbitrary code execution - ANSWERAn attack that exploits an applications
vulnerability into allowing the attacker to execute commands on a user's computer.
* arbitrary code execution in intrinsic or securable SQL elements
Privilege Escalation - ANSWERAn attack that exploits a vulnerability in software to
gain access to resources that the user normally would be restricted from accessing.
* via SQL injection or local issues
authorization attack - ANSWERA type of attack that can occur when we fail to use
authorization best practices for our applications
cryptographic attack - ANSWERA type of attack that can occur when we fail to
properly design our security mechanisms when implementing cryptographic controls
in our applications
client-side attack - ANSWERA type of attack that takes advantage of weaknesses in
the software loaded on client machines or one that uses social engineering
techniques to trick us into going along with the attack
validating user inputs - ANSWERa security best practice for all software
* the most effective way of mitigating SQL injection attacks
Nikto (and Wikto) - ANSWERA web server analysis tool that performs checks for
many common server-side vulnerabilities & creates an index of all the files and
directories it can see on the target web server (a process known as spidering)
burp suite - ANSWERA well-known GUI web analysis tool that offers a free and
professional version; the pro version includes advanced tools for conducting more in-
depth attacks
fuzzer - ANSWERA type of tool that works by bombarding our applications with all
manner of data and inputs from a wide variety of sources, in the hope that we can
cause the application to fail or to perform in unexpected ways
MiniFuzz File Fuzzer - ANSWERA tool developed by Microsoft to find flaws in file-
handling source code
BinScope Binary Analyzer - ANSWERA tool developed by Microsoft to examine
source code for general good practices
SDL Regex Fuzzer - ANSWERA tool developed by Microsoft for testing certain
pattern-matching expressions for potential vulnerabilities
, good sources of secure coding guidelines - ANSWERCERT, NIST 800, BSI, an
organization's internal coding guidelines
OS hardening - ANSWERthe process of reducing the number of available avenues
through which our OS might be attacked
attack surface - ANSWERThe total of the areas through which our operating system
might be attacked
6 main hardening categories - ANSWER1. Removing unnecessary software
2. Removing or turning off unessential services
3. Making alterations to common accounts
4. Applying the principle of least privilege
5. Applying software updates in a timely manner
6. Making use of logging and auditing functions
Principle of Least Privilege - ANSWERstates we should only allow a party the
absolute minimum permission needed for it to carry out its function
stuxnet - ANSWERA particularly complex and impactful item of malware that
targeted the Supervisory Control and Data Acquisition (SCADA) systems that run
various industrial processes; this piece of malware raised the bar for malware from
largely being a virtual-based attack to actually being physically destructive
anti-malware tool - ANSWERA type of tool that uses signature matching or anomaly
detection (heuristics) to detect malware threats, either in real-time or by performing
scans of files and processes
heuristics - ANSWERthe process of anomaly detection used by anti-malware tools to
detect malware without signatures
executable space protection - ANSWERA hardware and software-based technology
that prevents certain portions of the memory used by the operating system and
applications from being used to execute code
buffer overflow (overrun) - ANSWERThe act of inputting more data than an
application is expecting from a particular input, creating the possibility of executing
commands by specifically crafting the excess data
ASLR (Address Space Layout Randomization) - ANSWERa security method that
involves shifting the contents of memory around to make tampering difficult
software firewall - ANSWERThis type of firewall generally contains a subset of the
features on a large firewall appliance but is often capable of similar packet filtering
and stateful packet inspection activities
HIDS (host-based intrusion detection system) - ANSWERa system used to analyze
the activities on or directed at the network interface of a particular host.
* may communicate with management device by sending regular beacons
