Info Security Chapter 5


Info Security Quiz: Chapter 5

Test your knowledge of information security concepts with our comprehensive quiz based on Chapter 5. This quiz covers a variety of topics including web application attacks, SQL injection, and DNS poisoning.

  • 20 multiple choice questions
  • Engaging and informative
  • Perfect for students and professionals alike
20 Questions | 5 Minutes | Created by AnalyzingData321
Which attack intercepts communications between a web browser and the underlying computer?
Man-in-the-middle (MITM)
Man-in-the-browser (MITB)
Replay
ARP poisoning
Olivia was asked to protect the system from a DNS poisoning attack. What are the locations she would need to protect?
Web server buffer and host DNS server
Reply referrer and domain buffer
Web browser and browser add-on
Host table and external DNS server
Newton is concerned that attackers could be exploiting a vulnerability in software to gain access to resources that the user normally would be restricted from accessing. What type of attack is he worried about?
Privilege escalation
Session replay
Scaling exploit
Amplification
Which of the following adds new functionality to the web browser so that users can play music, view videos, or display special graphical images within the browser?
Extensions
Scripts
Plug-ins
Add-ons
An attacker who manipulates the maximum size of an integer type would be performing what kind of attack?
Integer overflow
Buffer overflow
Number overflow
Heap overflow
What kind of attack is performed by an attacker who takes advantage of the inadvertent and unauthorized access built through three succeeding systems that all trust one another?
Privilege escalation
Cross-site attack
Horizontal access attack
Transverse attack
Which statement is correct regarding why traditional network security devices cannot be used to block web application attacks?
The complex nature of TCP/IP allows for too many ping sweeps to be blocked.
Web application attacks use web browsers that cannot be controlled on a local computer
Network security devices cannot prevent attacks from web resources.
Traditional network security devices ignore the content of HTTP traffic, which is the vehicle of web application attacks.
What is the difference between a DoS and a DDoS attack?
DoS attacks are faster than DDoS attacks
DoS attacks use fewer computers than DDoS attacks
DoS attacks do not use DNS servers as DDoS attacks do
DoS attacks use more memory than a DDoS attack
John was explaining about an attack that accepts user input without validating it and uses that input in a response. What type of attack was he describing?
SQL
XSS
XSRF
DDoS DNS
Which attack uses the user’s web browser settings to impersonate that user?
XDD
XSRF
Domain hijacking
Session hijacking
What is the basis of an SQL injection attack?
To expose SQL code so that it can be examined
To have the SQL server attack client web browsers
To insert SQL statements through unfiltered user input
To link SQL servers into a botnet
Which action cannot be performed through a successful SQL injection attack?
Discover the names of different fields in a table
Reformat the web application server’s hard drive
Display a list of customer telephone numbers
Erase a database table
Attackers who register domain names that are similar to legitimate domain names are performing _____
Address resolution
HTTP manipulation
HTML squatting
URL hijacking
What type of attack involves manipulating third-party ad networks?
Session advertising
Malvertising
Clickjacking
Directory traversal
Why are extensions, plug-ins, and add-ons considered to be security risks?
They are written in Java, which is a weak language.
They have introduced vulnerabilities in browsers
They use bitcode.
They cannot be uninstalled.
What is a session token?
XML code used in an XML injection attack
A random string assigned by a web server
Another name for a third-party cookie
A unique identifier that includes the user’s email address
Which of these is not a DoS attack?
SYN flood
DNS amplification
Smurf attack
Push flood
What type of attack intercepts legitimate communication and forges a fictitious response to the sender?
SIDS
Interceptor
MITM
SQL intrusion
A replay attack _____.
Can be prevented by patching the web browser
Is considered to be a type of DoS attack
Makes a copy of the transmission for use at a later time
Replays the attack over and over to flood the server
DNS poisoning _____.
Floods a DNS server with requests until it can no longer respond
Is rarely found today due to the use of host tables
Substitutes DNS addresses so that the computer is automatically redirected to another device
Is the same as ARP poisoning