Application Attacks

9 Terms

1

What type of action allows an attacker to exploit the XSS vulnerability?

Code injection

2

Which of the following exploits targets a protocol used for managing and accessing networked resources?

LDAP injection attack

3

Which type of exploit targets web applications that generate content used to store and transport data?

XML injection attack

4

A type of exploit that relies on overwriting contents of memory to cause unpredictable results in an application is referred to as:

Buffer overflow

5

A situation where an attacker intercepts and retransmits a valid data exchange between an application and a server, or another application, is known as:

Replay attack

6

Which of the following facilitate(s) privilege escalation attacks?

  • System/application vulnerabilities

  • System/application misconfigurations

  • Social engineering techniques

7

Which of the statements listed below apply to the CSRF/XSRF attack?

  • Exploits the trust a website has in the user's web browser

  • A user is tricked by an attacker into submitting unauthorized web requests

  • Website executes attacker's requests

8

A dot-dot-slash attack is also referred to as:

  • Directory traversal attack

9

Which of the following URLs is a potential indicator of a directory traversal attack?

  • http://www.example.com/var/../etc/passwd

  • http://www.example.com/var/www/../../etc/passwd

  • http://www.example.com/var/www/files/../../../etc/passwd

  • http://www.example.com/var/www/files/images/../../../../etc/passwd