knowt logo
HomeExploreExams
go to Home
Home

Info Sec - FINAL QUIZZES

studied byStudied by 32 people
5.0(1)
learn
LearnA personalized and smart learning plan
exam
Practice TestTake a test on your terms and definitions
spaced repetition
Spaced RepetitionScientifically backed study method
heart puzzle
Matching GameHow quick can you match all your cards?
flashcards
FlashcardsStudy terms and definitions

1 / 20

encourage image

There's no tags or description

Looks like no one added any tags here yet for you.

21 Terms

1

What virus structure is valid (can be more than one):

  • Prepending Malware

  • Multi-Cavity Malware

  • Cavity Malware

  • Appending Malware

ALL OF THE ABOVE

New cards
2

Suppose, you are planning to detect previously unseen malware. Which approach will be the best for this scenario?

  • Virus Family Detection

  • Rule-based approach

  • Anomaly detection

  • Signature-based detection

Anomaly Detection

New cards
3

(TRUE OR FALSE): Worm propagation model starts with slow start phase and ends with slow finish phase.

TRUE

New cards
4

(TRUE OR FALSE): A virus is code embedded in a file or program.

TRUE

New cards
5

Which strategy we can adopt to detect virus? (can be more than one):

  • Scanning

  • Interception

  • Complex Password Policy

  • Integrity Checking

  • Scanning

  • Interception

  • Integrity Checking

New cards
6

Select the obfuscations technique which doesn't apply for evasion.

  • None of the above

  • Eavesdropping Attack

  • Register Renaming

  • NOP Insertion

None of the above

New cards
7

If you declare an array as A[100] in C and you try to write data to A[101], what will happen?

  • Whatever is at A[101] will be overwritten

  • Nothing

  • The C compiler will give you an error and won’t compile

  • There will always be a runtime error

Whatever is at A[101] will be overwritten

New cards
8

Which programming languages are commonly susceptible to buffer overflow attacks?

  • Ruby and JavaScript

  • PHP and HTML

  • C and C++

  • Java and Python

C and C++

New cards
9

What is a buffer overflow attack?

  • An attack that overflows a computer's memory buffer, allowing the attacker to execute arbitrary code.

  • An attack that steals sensitive information from a computer by exploiting security vulnerabilities.

  • An attack that floods a network with traffic, causing it to crash.

  • An attack that disables a computer's firewall, allowing unauthorized access.

An attack that overflows a computer's memory buffer, allowing the attacker to execute arbitrary code.

New cards
10

What is the best practice for preventing buffer overflow attacks in software development? (select all that apply)

  • Interception

  • Use input validation in the code.

  • Regularly update antivirus software.

  • Proper bounds checking in the code.

  • Use input validation in the code.

  • Proper bounds checking in the code.

New cards
11

What can make a buffer overflow a security problem? (select all that applies)

  • Only when the attacker is able to hijack the execution of the program

  • When security-sensitive data is overwritten

  • When data that is critical to the execution of the program is overwritten causing the program to crash

  • Only when the buffer overflow is between two computers on a network

  • When security-sensitive data is overwritten

  • When data that is critical to the execution of the program is overwritten causing the program to crash

New cards
12

Which of these kinds of inputs can cause a buffer overflow. (select all that applies)

  • An environment variable

  • A floating point number

  • String input from the user

  • A single integer

ALL OF THE ABOVE

New cards
13

What is NOT the important elements of Taint Analysis?

  • Taint Seed

  • Symbolic Engine

  • Taint Sink

  • Taint Propagation Policy

Symbolic Engine

New cards
14

What can be overwritten by a buffer overflow that causes a security problem. (select all that applies)

  • A return pointer

  • Anything that will make the program

  • Any kind of pointer

  • Security-sensitive data

ALL OF THE ABOVE

New cards
15

Which kinds of operations are most likely to lead to buffer overflows in C?

  • Indexing of arrays

  • Valid value assignment

  • Floating point addition

  • Dereferencing a pointer

Indexing of arrays

New cards
16

Which of these processes is likely to catch a buffer overflow?

  • Compilation

  • Testing by a software developer

  • All of the above

  • Code inspection

ALL OF THE ABOVE

New cards
17

What is the goal for Automated Testing?

  • All of the above

  • Find crashes

  • Find security vulnerabilities

  • Find most assertion violations

ALL OF THE ABOVE

New cards
18

What are the variations of secret token validations?

  • Session Independent Token

  • All of the above

  • Session Dependent Token

  • Session Identifier

ALL OF THE ABOVE

New cards
19

How can one separate a same site request from a cross-site? 

  • All of the above

  • Using Cookie Authentication

  • Using Secret Token Validation

  • Using Referrer Header

Using Referrer Header

New cards
20

(TRUE OR FALSE): Cookie Authentication will prevent cross-site request forgery.

TRUE

New cards
21

What is a true statement?

  • All of the above

  • Source code is unavailable in black box testing

  • Source code is available in white box testing

  • Seeds denotes the starting point of fuzzing process

ALL OF THE ABOVE

New cards
robot