Info Sec - FINAL QUIZZES

What virus structure is valid (can be more than one):

• Prepending Malware

• Multi-Cavity Malware

• Cavity Malware

• Appending Malware

ALL OF THE ABOVE

Suppose, you are planning to detect previously unseen malware. Which approach will be the best for this scenario?

• Virus Family Detection

• Rule-based approach

• Anomaly detection

• Signature-based detection

Anomaly Detection

(TRUE OR FALSE): Worm propagation model starts with slow start phase and ends with slow finish phase.

TRUE

(TRUE OR FALSE): A virus is code embedded in a file or program.

TRUE

Which strategy we can adopt to detect virus? (can be more than one):

• Scanning

• Interception

• Complex Password Policy

• Integrity Checking

• Scanning

• Interception

• Integrity Checking

Select the obfuscations technique which doesn't apply for evasion.

• None of the above

• Eavesdropping Attack

• Register Renaming

• NOP Insertion

None of the above

If you declare an array as A[100] in C and you try to write data to A[101], what will happen?

• Whatever is at A[101] will be overwritten

• Nothing

• The C compiler will give you an error and won’t compile

• There will always be a runtime error

Whatever is at A[101] will be overwritten

Which programming languages are commonly susceptible to buffer overflow attacks?

• Ruby and JavaScript

• PHP and HTML

• C and C++

• Java and Python

C and C++

What is a buffer overflow attack?

• An attack that overflows a computer's memory buffer, allowing the attacker to execute arbitrary code.

• An attack that steals sensitive information from a computer by exploiting security vulnerabilities.

• An attack that floods a network with traffic, causing it to crash.

• An attack that disables a computer's firewall, allowing unauthorized access.

An attack that overflows a computer's memory buffer, allowing the attacker to execute arbitrary code.

What is the best practice for preventing buffer overflow attacks in software development? (select all that apply)

• Interception

• Use input validation in the code.

• Regularly update antivirus software.

• Proper bounds checking in the code.

• Use input validation in the code.

• Proper bounds checking in the code.

What can make a buffer overflow a security problem? (select all that applies)

• Only when the attacker is able to hijack the execution of the program

• When security-sensitive data is overwritten

• When data that is critical to the execution of the program is overwritten causing the program to crash

• Only when the buffer overflow is between two computers on a network

• When security-sensitive data is overwritten

• When data that is critical to the execution of the program is overwritten causing the program to crash

Which of these kinds of inputs can cause a buffer overflow. (select all that applies)

• An environment variable

• A floating point number

• String input from the user

• A single integer

ALL OF THE ABOVE

What is NOT the important elements of Taint Analysis?

• Taint Seed

• Symbolic Engine

• Taint Sink

• Taint Propagation Policy

Symbolic Engine

What can be overwritten by a buffer overflow that causes a security problem. (select all that applies)

• A return pointer

• Anything that will make the program

• Any kind of pointer

• Security-sensitive data

ALL OF THE ABOVE

Which kinds of operations are most likely to lead to buffer overflows in C?

• Indexing of arrays

• Valid value assignment

• Floating point addition

• Dereferencing a pointer

Indexing of arrays

Which of these processes is likely to catch a buffer overflow?

• Compilation

• Testing by a software developer

• All of the above

• Code inspection

ALL OF THE ABOVE

What is the goal for Automated Testing?

• All of the above

• Find crashes

• Find security vulnerabilities

• Find most assertion violations

ALL OF THE ABOVE

What are the variations of secret token validations?

• Session Independent Token

• All of the above

• Session Dependent Token

• Session Identifier

ALL OF THE ABOVE

How can one separate a same site request from a cross-site? 

• All of the above

• Using Cookie Authentication

• Using Secret Token Validation

• Using Referrer Header

Using Referrer Header

(TRUE OR FALSE): Cookie Authentication will prevent cross-site request forgery.

TRUE

What is a true statement?

• All of the above

• Source code is unavailable in black box testing

• Source code is available in white box testing

• Seeds denotes the starting point of fuzzing process

ALL OF THE ABOVE