M18 Practice Quiz

#vulnerabilities #attacks

Question 1

  1. Helena, a cybersecurity analyst at Dion Training, is analyzing a security alert and trying to determine which type of attack was being used by a threat actor. The alert details an incident where an attacker exploited a timing vulnerability that caused the system to process operations out of the intended sequence and allowing unauthorized actions. Which of the following BEST describes this type of attack?

    Options:

    • Side Loading
    • SQL Injection
    • XML Injection
    • Race Condition

    Overall explanation:

    • A race condition occurs when the behavior of a system depends on the relative timing of events, such as the order in which threads are scheduled to run, and this potentially can lead to unintended outcomes.
    • XML Injection is an attack technique where an attacker injects malicious XML code into an XML document or query to potentially allow an attacker to bypass authentication, elevate privileges, or execute remote code.
    • Side loading refers to the practice of installing applications from sources other than the official app store which can be exploited by attackers to distribute malicious software.
    • SQL Injection is a code injection technique that exploits vulnerabilities in an application's software by manipulating SQL queries to allow for the unauthorized viewing of data, corrupting or deleting data, and in some cases executing administrative operations on the database.

    Tags: Race Conditions

Question 2

  1. Liam, a cybersecurity analyst at Dion Training, is analyzing a security alert and trying to determine which type of attack was being attempted by a threat actor. The following line in the log file appears to be suspicious:
    2023-11-02 14:23:56 [IP:192.168.1.101] [ERROR] User login failed for username: 'admin' OR '1'='1';
    Which of the following BEST describes the type of attack attempted by this threat actor?

    Options:

    • Bluejacking
    • SQL Injection
    • XML Injection
    • Jailbreaking

    Overall explanation:

    • SQL Injection is a code injection technique that exploits vulnerabilities in an application's software by manipulating SQL queries to allow for the unauthorized viewing of data, corrupting or deleting data, and in some cases executing administrative operations on the database.
    • XML Injection is an attack technique where an attacker injects malicious XML code into an XML document or query to potentially allow an attacker to bypass authentication, elevate privileges, or execute remote code.
    • Bluejacking is the practice of sending unsolicited messages over Bluetooth to Bluetooth-enabled devices, such as smartphones, tablets, or laptops.
    • Jailbreaking refers to the process of removing software restrictions imposed by the operating system on devices like iPhones or iPads, allowing users to install unauthorized apps and make deeper system modifications.

    Tags: SQL and XML Injections

Question 3

  1. Sasha, a cybersecurity analyst at Dion Training, is analyzing a security alert and trying to determine which type of attack was being used by a threat actor. The alert details an incident where an attacker sent unsolicited messages to a user's smartphone via Bluetooth without any evidence of taking control of the device. Which of the following BEST describes this type of attack?

    Options:

    • Bluebugging
    • Bluejacking
    • BlueBorne
    • Bluesmack

    Overall explanation:

    • Bluejacking is the practice of sending unsolicited messages over Bluetooth to Bluetooth-enabled devices without taking control of the device.
    • Bluebugging is a more serious attack that allows attackers to take control of a device's Bluetooth connection.
    • Bluesmack involves sending a large amount of data in a single packet to a Bluetooth-enabled device, causing it to crash.
    • BlueBorne is a set of vulnerabilities that allow attackers to take control of Bluetooth-enabled devices without any user interaction. In this case, since the attacker only sent unsolicited messages without taking control, the best description is Bluejacking.

    Tags: Bluetooth Vulnerabilities and Attacks

Question 4

  1. Cristian, a cybersecurity analyst at Dion Training, is analyzing a security alert and trying to determine which type of attack was being used by a threat actor. The alert details an incident where an attacker deliberately inputs an excessive amount of data into an application's buffer to try and cause the system to crash and potentially allow for the execution of arbitrary code. Which of the following BEST describes this type of attack?

    Options:

    • Buffer Overflow
    • Cross-site Scripting
    • Cross-site Request Forgery
    • Zero-day

    Overall explanation:

    • A Buffer Overflow attack occurs when an attacker inputs more data into a buffer than it can handle, potentially causing system instability, crashes, or the execution of arbitrary code.
    • A Zero-day is a vulnerability that is unknown to the software vendor and therefore has no available patches.
    • Cross-site Scripting (XSS) is a type of injection attack where malicious scripts are injected into trusted websites.
    • Cross-site Request Forgery (CSRF) is an attack that tricks a user into performing actions they did not intend to do on a web application in which they're authenticated. In this case, since the attacker is causing the system to crash by overloading the buffer, the best description is a Buffer Overflow.

    Tags: Buffer Overflow

Question 5

  1. Jonathan, a cybersecurity analyst at Dion Training, is analyzing a security alert and trying to determine which type of attack was being used by a threat actor. The alert details an incident where an attacker inserted malicious scripts into input fields on a website, which were then executed in the browser of any user viewing that data. Which of the following BEST describes this type of attack?

    Options:

    • Buffer overflow
    • SQL injection
    • Bluejacking
    • Cross-site scripting

    Overall explanation:

    • Cross-site Scripting (XSS) is a type of injection attack where malicious scripts are inserted into websites and executed in the browser of any user viewing that data, potentially leading to stolen information or malicious redirection.
    • Buffer Overflow occurs when an attacker inputs more data into a buffer than it can handle, potentially causing system crashes or the execution of arbitrary code.
    • SQL Injection is a code injection technique that manipulates SQL queries to allow unauthorized viewing of data or other malicious actions.
    • Bluejacking is the practice of sending unsolicited messages over Bluetooth to Bluetooth-enabled devices without taking control of the device. In this case, since the attacker is inserting malicious scripts into a website, the best description is Cross-site Scripting (XSS).

    Tags: XSS and XSRF