Information Security Chapter 3

Flashcards

Your page rank:

Total word count: 412
Pages: 1
Get Now

Calculate the Price

- -
275 words
Check Price
Looking for Expert Opinion?
Let us have a look at your work and suggest how to improve it!
Get a Consultant

What language is used to view and manipulate data that is stored in a relational database?

SQL

What SQL statement represents a SQL injection attempt to determine the names of different fields in a database?

whatever’ AND email IS NULL; —

What SQL injection statement example below could be used to discover the name of the table?

whatever’ AND 1=(SELECT COUNT(*) FROM tabname); —

The SQL injection statement example below that could be used to find specific users:

whatever’ OR full_name LIKE ‘%Mia%’

What SQL injection statement can be used to erase an entire database table?

whatever’; DROP TABLE members; —

HTML uses which option within embedded brackets (< >) causing a web browser to display text in a specific format?

tags

What language is designed to display data, with a primary focus on how the data looks?

HTML

What language is for the transport and storage of data, with the focus on what the data is?

XML

To what specific directory are users generally restricted to on a web server?

root

The default root directory of the Microsoft Internet Information Services (IIS) Web server is located at which directory?

C:\|netpub\ wwwroot

The string of characters that can be used to traverse up one directory level from the root directory:

../

Attacks that take place against web based services are considered to be what type of attack?

server-side

A user has become compromised as a result of visiting a specific web page, without clicking on any kind of content. What type of attack has occurred?

drive-by-download

What portion of the HTTP packet consists of fields that contain information about the characteristics of the data being transmitted?

HTTP header

An attack in which the attacker attempts to impersonate the user by using his or her session token is known as:

Session hijacking

Which type of attack below is similar to a passive man-in-the-middle attack?

replay

When TCP/IP was developed, the host table concept was expanded into a hierarchical name system for matching computer names and numbers using this service:

DNS

How can an attacker substitute a DNS address so that a computer is automatically redirected to another device?

DNS poisoning

The exchange of information among DNS servers regarding configured zones is known as:

zone transfer

On a compromised computer, you have found that a user without administrative privileges was able to perform a task limited to only administrative accounts. What type of exploit has occurred?​

Privilege escalation

Share This
Flashcard

Like the Tone?
You can get your paper edited to read like this. Work with our consultant to learn what to alter
Get pro Tips

More flashcards like this

NCLEX 10000 Integumentary Disorders

When assessing a client with partial-thickness burns over 60% of the body, which finding should the nurse report immediately? a) ...

Read more

NCLEX 300-NEURO

A client with amyotrophic lateral sclerosis (ALS) tells the nurse, "Sometimes I feel so frustrated. I can’t do anything without ...

Read more

NASM Flashcards

Which of the following is the process of getting oxygen from the environment to the tissues of the body? Diffusion ...

Read more

Unfinished tasks keep piling up?

Let us complete them for you. Quickly and professionally.

Check Price

Successful message
sending

Click here