Tag: technology

Questions Related to technology

The process of addressing a security vulnerability by blocking an attack vector that could exploit it is known as

technology security

  1. Anti Patching

  2. Anti Attack

  3. Virtual Patching

  4. Patch Attack

Show answer
Correct Option: C

AI Explanation

To answer this question, you need to understand the concept of addressing security vulnerabilities.

Option A) Anti Patching - This option is incorrect because "anti patching" does not describe the process of addressing a security vulnerability by blocking an attack vector.

Option B) Anti Attack - This option is incorrect because "anti attack" does not specifically refer to the process of addressing a security vulnerability by blocking an attack vector.

Option C) Virtual Patching - This option is correct because virtual patching refers to the process of addressing a security vulnerability by blocking an attack vector that could exploit it. Virtual patching involves implementing temporary security measures to protect against known vulnerabilities while a proper patch or fix is being developed and deployed.

Option D) Patch Attack - This option is incorrect because "patch attack" does not accurately describe the process of addressing a security vulnerability by blocking an attack vector.

The correct answer is C) Virtual Patching. This option is correct because it accurately describes the process of addressing a security vulnerability by blocking an attack vector that could exploit it.

AppSensor is a popular
technology security

  1. Web Applictation Firewall

  2. Application Based Intrusion Detection

  3. Database Monitoring

  4. Virtual Private Lan

Show answer
Correct Option: B

ModSecurity is a popular
technology security

  1. Web Applictation Firewall

  2. Application Based Intrusion Detection

  3. Database Monitoring

  4. Virtual Private Lan

Show answer
Correct Option: A

Any attack which is based on information gained from physical implementation of a crypto system,rather than brute force or algorithm weakness is known as
technology security

  1. Back Attack

  2. Unknown Attack

  3. Reverse Attack

  4. Side Channel Attack

Show answer
Correct Option: D

Which of the following is not a function of Database Activity Monitor
technology security

  1. Previlged User Monitoring

  2. Application Activity Monitoring

  3. Cyberattack Protection

  4. Database Recovery

Show answer
Correct Option: D

Which of the following is a valid method of classifying computer security threats
technology security

  1. DREAD

  2. FEAR

  3. SAFE

  4. DEAF

Show answer
Correct Option: A

Which of the following is a valid threat modelling methodology
technology security

  1. STRIDE

  2. PRIDE

  3. BRIDE

  4. RIDE

Show answer
Correct Option: A

If an attacker submit multiple input parameters (query string, post data, cookies,etc.) of the same name, the application may react in unexpected ways and open up new avenues of server-side and client-side exploitation.This is the premise of
technology security

  1. HTTP Parameter Pollution

  2. Session Splitting

  3. Parameter Damage

  4. Parameter Busting

Show answer
Correct Option: A
Explanation:

To solve this question, the user needs to understand the concept of security vulnerabilities related to web applications.

The correct answer is A. HTTP Parameter Pollution.

Explanation:

HTTP Parameter Pollution (HPP) is a security vulnerability that arises when an attacker submits multiple input parameters of the same name to a web application. This can lead to unexpected behaviors on the server-side and client-side, which can then be exploited by attackers to achieve their goals.

Option B, Session Splitting, is not related to the given premise. Session Splitting is a technique used to distribute user sessions across multiple servers to improve performance and scalability.

Option C, Parameter Damage, is not a commonly used term in the field of web application security. It is not related to the given premise.

Option D, Parameter Busting, is not a commonly used term in the field of web application security. It is not related to the given premise.

Therefore, the correct answer is:

The Answer is: A. HTTP Parameter Pollution.

___________ is a malicious technique of tricking Web users into revealing confidential information or taking control of their computer while clicking on seemingly innocuous web pages
technology security

  1. Clickjacking

  2. RoughJacking

  3. CyberJacking

  4. CrackJacking

Show answer
Correct Option: A
Explanation:

To solve this question, the user needs to have knowledge of web security and common malicious techniques used by hackers.

The technique described in the question is known as "Clickjacking", which is used to trick web users into clicking on a button or link that is disguised as something else, thereby revealing confidential information or taking control of their computer.

Now, let's go through each option and explain why it is right or wrong:

A. Clickjacking: This option is correct. Clickjacking is a malicious technique used by hackers to deceive web users into clicking on a disguised button or link, which results in the user revealing confidential information or giving control of their computer to the attacker.

B. RoughJacking: This option is incorrect. "RoughJacking" is not a known term in web security, and there is no evidence to suggest that it is a malicious technique used by hackers.

C. CyberJacking: This option is incorrect. "CyberJacking" is a broad term that can refer to a range of malicious activities, but it is not specific to the technique described in the question.

D. CrackJacking: This option is incorrect. "CrackJacking" is not a known term in web security, and there is no evidence to suggest that it is a malicious technique used by hackers.

Therefore, the correct answer is: A. Clickjacking.

What is a an Evercookie?

technology security

  1. Evercookie is a javascript API available that produces extremely persistent cookies in a browser

  2. Evercookie is a cookie anonymysing tool

  3. Evercookie is a FireFox Plugin

  4. Evercookie is a cookie pollution tool

Show answer
Correct Option: A

AI Explanation

To answer this question, you need to understand what an Evercookie is.

Option A) Evercookie is a javascript API available that produces extremely persistent cookies in a browser - This option is correct. An Evercookie is a JavaScript API that is designed to produce extremely persistent cookies in a web browser. It uses various techniques to store cookie data in multiple locations, making it difficult to remove or delete these cookies.

Option B) Evercookie is a cookie anonymizing tool - This option is incorrect. Evercookie is not a cookie anonymizing tool. It is a tool that creates persistent cookies.

Option C) Evercookie is a Firefox Plugin - This option is incorrect. Evercookie is not a Firefox plugin. It is a JavaScript API that works on multiple web browsers.

Option D) Evercookie is a cookie pollution tool - This option is incorrect. Evercookie is not a cookie pollution tool. It is a tool that creates persistent cookies.

The correct answer is A) Evercookie is a javascript API available that produces extremely persistent cookies in a browser. This option is correct because an Evercookie is a JavaScript API that creates persistent cookies in a web browser.