1.
What attack technique is used to exploit websites by altering backend database queries through manipulated input?
Correct Answer
C. SQL Injection
Explanation
SQL Injection is the correct answer because it is a technique used to exploit websites by altering backend database queries through manipulated input. In SQL Injection, an attacker inserts malicious SQL code into input fields, which is then executed by the application's database. This allows the attacker to manipulate the database and potentially gain unauthorized access to sensitive information or perform unauthorized actions on the website.
2.
What occurs when an application sends user-inputted data to a web browser without proper validation and escaping?
Correct Answer
B. Cross Site Scripting
Explanation
Cross Site Scripting, also known as XSS, happens when an application sends data to a web browser without checking or changing it to make it safe. This can allow harmful scripts to run in someone else’s browser. It's like handing someone a letter to deliver without checking if it contains something dangerous. By not cleaning the data, the application can accidentally help spread harmful code.
3.
What flaw arises when session tokens do not have good randomness across a range of values?
Correct Answer
D. Session Hijacking
Explanation
Session Hijacking is a security problem that happens when session tokens, which are supposed to be random and unique, are predictable or not random enough. This allows attackers to guess or find these tokens more easily, and use them to take over someone else’s session. It's like having a simple and common password for a lock that many people know; it makes it easier for someone unwanted to open the lock and access your space.
4.
What attack technique forces a user’s session credential or session ID to an explicit value?
Correct Answer
C. Session Fixation
Explanation
Session Fixation is an attack where the attacker tricks a user into using a specific session ID that they already know. This way, once the user logs in, the attacker can use this session ID to access the user's account as if they were the user. It's like someone secretly assigning you a locker they already have a key to; once you put your stuff inside and lock it, they can open it and access everything inside.
5.
What threat arises from not flagging HTTP cookies with tokens as secure?
Correct Answer
A. Session Hijacking
Explanation
Not flagging HTTP cookies with tokens as secure can lead to the threat of session hijacking. Session hijacking refers to an attacker gaining unauthorized access to a user's session by stealing or intercepting their session token. When cookies are not flagged as secure, they can be transmitted over insecure channels, making them vulnerable to interception and misuse. This can allow an attacker to impersonate the user and perform actions on their behalf, compromising the security and integrity of the session.
6.
Which attack can execute scripts in the user’s browser and is capable of hijacking user sessions, defacing websites, or redirecting the user to malicious sites?
Correct Answer
B. Cross site scripting
Explanation
Cross-site scripting (XSS) is an attack that allows an attacker to inject malicious scripts into web pages viewed by users. These scripts can then be executed in the user's browser, giving the attacker the ability to hijack user sessions, manipulate website content, or redirect users to malicious sites. XSS attacks are a significant threat to web applications and can lead to various security vulnerabilities if not properly mitigated.
7.
What flaw can lead to the exposure of resources or functionality to unintended actors?
Correct Answer
B. Improper Authentication
Explanation
Improper authentication is a flaw that can lead to the exposure of resources or functionality to unintended actors. This means that the system does not properly verify the identity of users before granting them access to certain resources or functionalities. As a result, unauthorized individuals may be able to gain access to sensitive information or perform actions that they should not have the privilege to do. This flaw can be exploited by attackers to compromise the security of the system and potentially cause harm or damage.
8.
Which threat can be prevented by generating usernames with a high degree of entropy?
Correct Answer
D. Authentication bypass
Explanation
Authentication Bypass is a threat where someone gains access to a system without going through the proper security checks. By using unique usernames that are complex and generated with high entropy, it becomes much harder for attackers to guess or predict these usernames, thereby preventing unauthorized access. It’s like having a very unusual and complicated key for a lock, making it much harder for someone to make a copy or pick the lock.
9.
What threat are you vulnerable to if you do not validate the authorization of the user for direct references to restricted resources?
Correct Answer
D. Insecure Direct Object References
Explanation
Insecure Direct Object References (IDOR) occur when access controls are insufficient, allowing unauthorized users to access restricted resources by directly referencing them. Validation of user authorization ensures that only permitted users can access specific resources, preventing unauthorized data exposure or operations.
10.
Role-Based Access Control helps prevent this OWASP Top 10 weakness.
Correct Answer
A. Failure to restrict URL Access
Explanation
Role-Based Access Control (RBAC) is a security mechanism that restricts access to certain resources based on the roles assigned to users. By implementing RBAC, access to URLs can be restricted based on the roles assigned to users, thereby preventing unauthorized access to sensitive information. This helps address the weakness of "Failure to restrict URL Access" as RBAC ensures that only users with the appropriate roles are granted access to specific URLs, reducing the risk of unauthorized access and potential security breaches.
11.
What type of flaw occurs when untrusted user-entered data is sent to the interpreter as part of a command or query?
Correct Answer
B. Injection
Explanation
Injection flaws happen when an application sends untrusted data, like user inputs, to an interpreter without proper validation or sanitization. This allows attackers to inject malicious commands or queries, potentially gaining unauthorized access or causing harm to the system. It's like letting someone whisper instructions to your assistant without checking if they're safe or not; they could trick the assistant into doing something harmful.
12.
What attack can be prevented by using an unpredictable token for each user in links or forms that invoke state-changing functions?
Correct Answer
C. Cross Site Request Forgery
Explanation
Cross Site Request Forgery (CSRF) is a type of attack that tricks a user into executing unwanted actions on a web application in which they are currently authenticated. By using unpredictable tokens in each user's link or form, the application ensures that the requests are genuinely initiated by the user and not by an attacker. It's like making sure that every command given is actually coming from the rightful owner and not an impersonator.
13.
What flaw arises if the session identifier is not changed when a connection switches from HTTP to HTTPS?
Correct Answer
A. Session Replay
Explanation
If a connection changes from HTTP to HTTPS without changing the session identifier, the flaw that arises is session replay. Session replay refers to the act of an attacker intercepting and replaying a session token or identifier to gain unauthorized access to a user's session. In this scenario, if the session identifier remains the same during the transition from HTTP to HTTPS, an attacker can capture the session identifier and use it to replay the session, effectively impersonating the user and gaining unauthorized access to their session.
14.
Which attack exploits the trust that a site has in a user's browser?
Correct Answer
B. Cross Site Request Forgery
Explanation
Cross-Site Request Forgery (CSRF) is the correct answer because it involves exploiting the trust between a website and a user's browser. CSRF attacks trick a user's browser into making unintended requests to a website on which the user is authenticated, allowing the attacker to perform actions on behalf of the user without their knowledge or consent. This attack takes advantage of the fact that websites often trust requests coming from a user's browser, making it a dangerous vulnerability that can lead to unauthorized actions being performed.
15.
For an indirect reference, what happens if there’s no list of limited values authorized for a user in the direct reference?
Correct Answer
D. Access to sensitive data possible
Explanation
If there is no list of limited values authorized for a user in the direct reference, it means that there are no restrictions on the data that the user can access. This lack of authorization control can lead to unauthorized access to sensitive data, making it possible for someone to view or manipulate sensitive information without proper permission.
16.
Can client-side scripts be allowed to execute in browsers for needed operations?
Correct Answer
A. True
Explanation
The statement is true. Client-side scripts can be allowed to execute in web browsers for various operations, such as form validation, dynamic content generation, and interactive user interfaces. JavaScript is a common language used for client-side scripting, allowing developers to enhance the functionality and interactivity of web pages.
17.
Which of the following are session-related vulnerabilities?
Correct Answer(s)
A. Session Fixation
B. Session Hijacking
Explanation
Session Fixation is a vulnerability where an attacker can fix or set a session identifier for a user before they authenticate. This allows the attacker to hijack the session once the user logs in. Session Hijacking, on the other hand, is when an attacker steals or hijacks an existing session by obtaining the session identifier. Both vulnerabilities involve unauthorized access to a user's session, but session fixation involves setting the session identifier beforehand, while session hijacking involves stealing it after authentication.
18.
What is phishing?
Correct Answer
B. Email Scam
Explanation
Phishing refers to a type of online scam where individuals are tricked into providing sensitive information, such as passwords or credit card details, by posing as a trustworthy entity through fraudulent emails or websites. This fraudulent activity aims to deceive users into believing they are interacting with a legitimate organization, ultimately leading to financial loss or identity theft.
19.
What is a cookie?
Correct Answer
B. A file that enhances web browsing
Explanation
A cookie is a file that makes it easier to access a website and browse. When a user visits a website, the website sends a small piece of data (cookie) to the user's browser, which is stored on their device. This cookie contains information about the user's preferences, login credentials, and browsing behavior. The next time the user visits the same website, the browser sends the cookie back to the website, allowing it to remember the user's preferences and provide a personalized browsing experience. Cookies do not have any connection to computer viruses or identity theft.
20.
You receive an email from Desjardins saying you’ve won a contest. What should you do?
Correct Answer
B. Contact Caisse to confirm the information
Explanation
From the options given, the correct answer is "Contact Caisse to confirm the information." In this context, "Caisse" refers to Desjardins, a financial group in Canada. If you receive an email claiming that you've won a contest from Desjardins, it's important to verify the information by contacting the organization directly. This helps ensure that you're not falling victim to a potential scam or phishing attempt. By contacting Desjardins, you can confirm if the contest is legitimate and if you have indeed won a prize.
21.
What is the Internet equivalent of an IP address?
Correct Answer
A. Mailing Address
Explanation
An IP address is similar to a mailing address because it identifies the location of a device connected to the internet. Just as a mailing address is used to send and receive physical mail, an IP address is used to send and receive data packets over the internet. It allows devices to communicate with each other and ensures that data is delivered to the correct destination.
22.
Statistics show that many companies connected to the Internet are not sufficiently secure. Why not?
Correct Answer(s)
A. Many companies do not have a written security policy in place.
C. Many companies have insufficient protection between the Internet and company networks.
D. Many companies have insufficient information about the traffic over the company networks.
Explanation
The statistics mentioned indicate that there are several reasons why many companies connected to the Internet are not sufficiently secure. One reason is that many companies do not have a written security policy in place. This means that they do not have clear guidelines and protocols for ensuring the security of their networks. Another reason is that many companies have insufficient protection between the Internet and their company networks. This means that there are vulnerabilities and weak points in their network infrastructure that can be exploited by attackers. Lastly, many companies have insufficient information about the traffic over their company networks, which means they may not have the necessary visibility and monitoring capabilities to identify and respond to security threats effectively.
23.
The use of proper security techniques can:
Correct Answer(s)
A. Minimize the threat of attackers
C. Prevent most hackers from accessing your system.
Explanation
The use of proper security techniques can minimize the threat of attackers and prevent most hackers from accessing your system. By implementing effective security measures, such as firewalls, encryption, and authentication protocols, the likelihood of successful attacks and unauthorized access is greatly reduced. While it cannot provide 100 percent security, it significantly enhances the overall security posture of the system and acts as a deterrent for potential attackers.
24.
Network permissions should be established so that users can accomplish their tasks, but cannot access any system resources that are not necessary so that:
Correct Answer
C. Only the resources authorized for that user will be at risk.
Explanation
Establishing network permissions ensures that users can only access the system resources that are necessary for them to accomplish their tasks. By limiting their access to only authorized resources, the risk of unauthorized access or misuse of system resources is minimized. This helps prevent hackers from stealing a legitimate user's identity or posing as legitimate users, as they will not have access to resources beyond what they are authorized for. Therefore, the statement that "Only the resources authorized for that user will be at risk" is the correct explanation.
25.
The characteristics of an effective security system are that the system is:
Correct Answer(s)
B. Highly secure, easy to use, flexible, and scalable
C. One that provides comprehensive alarming and reporting
Explanation
An effective security system should be highly secure to protect against unauthorized access. It should also be easy to use so that users can easily navigate and utilize the system without difficulty. Additionally, the system should be flexible and scalable, meaning it can adapt to changing needs and can expand or contract as necessary. Lastly, the system should provide comprehensive alarming and reporting capabilities to alert users of any potential security breaches and to keep track of system activity.