Que.Which of the following attack-based checks WebInspect cannot do?
|
a. cross-site scripting |
b. directory traversal |
c. parameter injection |
d. injecting shell code |
Que.________ is a password recovery and auditing tool.
|
a. LC3 |
b. LC4 |
c. Network Stumbler |
d. Maltego |
Que.L0phtCrack is formerly known as LC3.
|
a. True |
b. False |
c. May be True or False |
d. Can’t say |
Que.___________ is a weakness that can be exploited by attackers.
|
a. System with Virus |
b. System without firewall |
c. System with vulnerabilities |
d. System with a strong password |
System with vulnerabilities
Que._________ is the sum of all the possible points in software or system where unauthorized users can enter as well as extract data from the system.
|
a. Attack vector |
b. Attack surface |
c. Attack point |
d. Attack arena |
Que.____________ is the cyclic practice for identifying & classifying and then solving the vulnerabilities in a system.
|
a. Bug protection |
b. Bug bounty |
c. Vulnerability measurement |
d. Vulnerability management |
Que.Risk and vulnerabilities are the same things.
|
a. True |
b. False |
c. May be True or False |
d. Can’t say |
Que._____________ is a special type of vulnerability that doesn’t possess risk.
|
a. Vulnerabilities without risk |
b. Vulnerabilities without attacker |
c. Vulnerabilities without action |
d. Vulnerabilities no one knows |
Vulnerabilities without risk
Que.A/An __________ is a piece of software or a segment of command that usually take advantage of a bug to cause unintended actions and behaviors.
|
a. malware |
b. trojan |
c. worms |
d. exploit |
Que.There are ________ types of exploit.
|
a. 3 |
b. 2 |
c. 5 |
d. 4 |