Identify the name of attack.

Description: Its a quiz to identify the type of attack
Number of Questions: 6
Created by:
Tags: security technology
Attempted 0/6 Correct 0 Score 0
  1. keylogger

  2. brute force

  3. phishing

  4. e-mail spoofing

Correct Option: C

Alice access the following URL : http://www.testrun.com/%2e/2e%2e%2e@2e%2f/etc/passwd What is the name of the attack ?

  1. Buffer overflow

  2. Cross site scripting (XSS)

  3. Directory traversal

  4. Obfuscation

Correct Option: C

Name the attack: Technique used to access files and directories stored outside web root folder

  1. Insecure file upload

  2. Path Traversal

  3. Brute forcing

  4. Universal PDF XSS

Correct Option: B
  1. Web cache poisoning

  2. Account Harvesting

  3. Eaves dropping

  4. Cookie Poisoning

Correct Option: D

Name the attack: A software that uses a security hole to carry out an attack before the developer knows about the vulnerability.

  1. Zero day

  2. Unknown

  3. stealth

  4. Trojan

Correct Option: A

Name the attack: Hacker sends an e-mail that claims you have won a prize and all you have to do is click this link to claim your prize.

  1. session hijacking

  2. XSS

  3. HTTP Response splitting

  4. HTML Injection

Correct Option: B

AI Explanation

To answer this question, you need to understand different types of attacks. Let's go through each option to understand why it is correct or incorrect:

A. Session Hijacking - This attack involves stealing or hijacking a user's session to gain unauthorized access to a system. It is not relevant to the scenario described in the question.

B. XSS (Cross-Site Scripting) - This attack involves injecting malicious scripts into a website to steal sensitive information or perform unauthorized actions on behalf of the user. In the given scenario, the hacker is tricking the user into clicking a link, which could potentially lead to a malicious website or the execution of malicious scripts. Therefore, XSS is the correct answer.

C. HTTP Response Splitting - This attack involves manipulating the response headers of a web server to inject malicious content. It is not relevant to the scenario described in the question.

D. HTML Injection - This attack involves injecting malicious HTML code into a website to manipulate its content or execute unauthorized actions. While the scenario in the question involves clicking a link, it does not specifically mention injecting HTML code. Therefore, HTML Injection is not the correct answer.

The correct answer is B) XSS (Cross-Site Scripting). This option is correct because the scenario described aligns with the concept of tricking the user into clicking a link that could lead to the execution of malicious scripts.

- Hide questions