

Study with the several resources on Docsity
Earn points by helping other students or get them with a premium plan
Prepare for your exams
Study with the several resources on Docsity
Earn points to download
Earn points by helping other students or get them with a premium plan
Client Side Attacks || with Complete Solutions.
Typology: Exams
1 / 3
This page cannot be seen from the preview
Don't miss anything!


________________ is when an individual is manipulated to perform an action or reveal information that may compromise a target. correct answers social engineering _______________ is considered the most successful and sought out method to exploit a target. correct answers social engineering _______________is a form of attack in which untrusted Javascript is injected into a trusted website. correct answers cross-site scripting True/False Attackers are rarely successful with client side attacks because of the limited number of configuration variables as well as the low amount of user interaction. correct answers false; ____________ means that a user's SQL input or data is checked for items that might harm the database. correct answers sanitization What type of attack is initiated when the victim downloads content from the attacker. correct answers client-side ____________ checks inputs to ensure that it meets a criteria. correct answers validation What is the target of an XSS: correct answers Visitor's browser What are the two types of XSS? correct answers reflected, stored When the code of the targeted file is replaced with the infected code, this is known as: correct answers Overwriting What may store information pertaining to a session and track client's other personal data? correct answers Cookies Viruses have a naming convention, established by Symantec, that involves alphanumeric characters, underscores, spaces. Each section is limited to how many characters? correct answers 20 True/False Social engineering occurs when a malicious actor leverages access to a user's session cookies in order to impersonate that user. correct answers false Determine whether the XSS method presented is reflected or stored: When the injected script is reflected off the web server. correct answers reflected Determine whether the XSS method presented is reflected or stored: When the injected script is permanently stored on the target servers. correct answers stored
____________ is the use of Valid SQL Queries via input data fields or attaching queries to the end of URLs from client side to server side application which could allow data to be read or modified. correct answers sql injection Determine whether the given incident impacts Confidentiality, Integrity, or Availability: Details of a classified government project have been published online. The publisher claims the documentation was provided by an anonymous group of hackers. correct answers confidentiality Determine whether the given incident impacts Confidentiality, Integrity, or Availability: A user has clicked on a malicious link and installed ransomware. The user is unable to access any files. correct answers availability Determine whether the given incident impacts Confidentiality, Integrity, or Availability: An attacker successfully executes a denial-of-service attack against a company which employs 35 people. correct answers availability Determine whether the given incident impacts Confidentiality, Integrity, or Availability: An authorized user is sharing information with a coworker who is not authorized to access that project. correct answers confidentiality Determine whether the given incident impacts Confidentiality, Integrity, or Availability: An employee has modified company financial records to reflect losses for the quarter. The employee then forwards the altered documents to the finance department. correct answers integrity Determine whether the given incident impacts Confidentiality, Integrity, or Availability: A hacker has altered financial records to commit fraud. correct answers integrity Determine whether the given incident impacts Confidentiality, Integrity, or Availability: An attacker injects or executes arbitrary code on a client. correct answers integrity Any software installed on the OS that causes damage, loss of resources, or exploits any programmable device, service, or network is known as what? correct answers malware List the malware type that matches the definition: malware that performs malicious actions when opened by the user. correct answers virus List the malware type that matches the definition: malware that encrypts files and demands a ransom to return the data to the user. correct answers ransomware List the malware type that matches the definition: malware that masquerades as a harmless application. As a result, the user downloads and uses the application. Theft of personal data, device crashing, spy activities, or an attack could occur. correct answers trojan