CMIT 321 Final Exam Version 3. Questions And Answers. Latest Exam.Question 1 (1 point)
Saved
The attacker uses the following attack, in order to listen
... [Show More] to the
conversation between the user and the server and captures the
authentication token of the user. With this authentication token, the
attacker replays the request to the server with the captured
authentication token and gains unauthorized access to the server
Question 1 options:
Session Replay attack
Session Fixation attacks
Session hijacking using proxy servers
Client side attacks
Question 2 (1 point)
Saved
From the following identify the technique through which an attacker
distributes malware on the web by sending a malware attached email
and tricking the victim to click the attachment.
Question 2 options:
Social Engineered Click-jacking
Spearphishing Sites
Spam Emails
Drive-by Downloads
Question 3 (1 point)
Saved
Vulnerability management life cycle is an important process that
helps in finding and remediating security weaknesses before they are
exploited.
identify the phase that involves the remediation.
Question 3 options:
Pre-Assessment Phase
Vulnerability Assessment Phase
Risk Assessment Phase
Post Assessment Phase
Question 4 (1 point)
Saved
Attacker uses the ‘%00’ character prior to a string in order to bypass
detection mechanism. Identify the type of evasion technique used by
the attacker.
Question 4 options:
Case Variation
URL Encoding
Null Byte
Obfuscated Codes
Question 5 (1 point)
Saved
Using which port the attacker can compromise the entire network,
and receive a copy of every packet that passes through a switch
Question 5 options:
SPAN Port
TAP Port
UDP port
TCP port
Question 6 (1 point)
Saved
Identify the type of cloud computing, which provides virtual machines
and other abstracted hardware and operating systems which may be
controlled through a service API
Question 6 options:
Software-as-a-Service (SaaS)
Platform-as-a-Service (PaaS)
Infrastructure-as-a-Service (IaaS)
Virtual Service
Question 7 (1 point) [Show Less]