Tag: technology

Questions Related to technology

The process of addressing a security vulnerability by blocking an attack vector that could exploit it is known as
technology security

  1. Anti Patching

  2. Anti Attack

  3. Virtual Patching

  4. Patch Attack

Show answer
Correct Option: C

AppSensor is a popular
technology security

  1. Web Applictation Firewall

  2. Application Based Intrusion Detection

  3. Database Monitoring

  4. Virtual Private Lan

Show answer
Correct Option: B

ModSecurity is a popular
technology security

  1. Web Applictation Firewall

  2. Application Based Intrusion Detection

  3. Database Monitoring

  4. Virtual Private Lan

Show answer
Correct Option: A

Any attack which is based on information gained from physical implementation of a crypto system,rather than brute force or algorithm weakness is known as
technology security

  1. Back Attack

  2. Unknown Attack

  3. Reverse Attack

  4. Side Channel Attack

Show answer
Correct Option: D

Which of the following is not a function of Database Activity Monitor
technology security

  1. Previlged User Monitoring

  2. Application Activity Monitoring

  3. Cyberattack Protection

  4. Database Recovery

Show answer
Correct Option: D

Which of the following is a valid method of classifying computer security threats
technology security

  1. DREAD

  2. FEAR

  3. SAFE

  4. DEAF

Show answer
Correct Option: A

Which of the following is a valid threat modelling methodology
technology security

  1. STRIDE

  2. PRIDE

  3. BRIDE

  4. RIDE

Show answer
Correct Option: A

If an attacker submit multiple input parameters (query string, post data, cookies,etc.) of the same name, the application may react in unexpected ways and open up new avenues of server-side and client-side exploitation.This is the premise of
technology security

  1. HTTP Parameter Pollution

  2. Session Splitting

  3. Parameter Damage

  4. Parameter Busting

Show answer
Correct Option: A
Explanation:

To solve this question, the user needs to understand the concept of security vulnerabilities related to web applications.

The correct answer is A. HTTP Parameter Pollution.

Explanation:

HTTP Parameter Pollution (HPP) is a security vulnerability that arises when an attacker submits multiple input parameters of the same name to a web application. This can lead to unexpected behaviors on the server-side and client-side, which can then be exploited by attackers to achieve their goals.

Option B, Session Splitting, is not related to the given premise. Session Splitting is a technique used to distribute user sessions across multiple servers to improve performance and scalability.

Option C, Parameter Damage, is not a commonly used term in the field of web application security. It is not related to the given premise.

Option D, Parameter Busting, is not a commonly used term in the field of web application security. It is not related to the given premise.

Therefore, the correct answer is:

The Answer is: A. HTTP Parameter Pollution.

___________ is a malicious technique of tricking Web users into revealing confidential information or taking control of their computer while clicking on seemingly innocuous web pages

technology security

  1. Clickjacking

  2. RoughJacking

  3. CyberJacking

  4. CrackJacking

Show answer
Correct Option: A
Explanation:

To solve this question, the user needs to have knowledge of web security and common malicious techniques used by hackers.

The technique described in the question is known as "Clickjacking", which is used to trick web users into clicking on a button or link that is disguised as something else, thereby revealing confidential information or taking control of their computer.

Now, let's go through each option and explain why it is right or wrong:

A. Clickjacking: This option is correct. Clickjacking is a malicious technique used by hackers to deceive web users into clicking on a disguised button or link, which results in the user revealing confidential information or giving control of their computer to the attacker.

B. RoughJacking: This option is incorrect. "RoughJacking" is not a known term in web security, and there is no evidence to suggest that it is a malicious technique used by hackers.

C. CyberJacking: This option is incorrect. "CyberJacking" is a broad term that can refer to a range of malicious activities, but it is not specific to the technique described in the question.

D. CrackJacking: This option is incorrect. "CrackJacking" is not a known term in web security, and there is no evidence to suggest that it is a malicious technique used by hackers.

Therefore, the correct answer is: A. Clickjacking.

What is a an Evercookie?
technology security

  1. Evercookie is a javascript API available that produces extremely persistent cookies in a browser

  2. Evercookie is a cookie anonymysing tool

  3. Evercookie is a FireFox Plugin

  4. Evercookie is a cookie pollution tool

Show answer
Correct Option: A