What type of attack occurs when data goes beyond the memory areas allocated to an application

Definition: Buffer overflow occurs when a program tries to store more data in a temporary storage area than it can hold. Writing outside the allocated memory area can corrupt the data, crash the program or cause the execution of malicious code that can allow an attacker to modify the target process address space.

Description: Buffer overflow occurs when data that is written to buffer ends up corrupting data values in memory addresses as well. Buffer overflow attacks happen when bad programming practices (that supply the framework) leave open vulnerabilities. It is common in a few programming languages because they expose low level details of buffers for data types. Many memory manipulation functions in programming language do not operate bounds checking and can quickly overwrite the allocated buffers they operate upon. This is a common mistake in web application development. One needs to allocate buffers that are large enough or check for overflow problems. Buffer overflow can be present in web applications that serve the static and dynamic expression. Attackers use buffer overflows to damage the execution stack of web applications. It is not like the typical e-mail virus where users can protect themselves by not opening the attached files. In buffer overflow attacks, users do not even have to open the message to enable the attack. By detecting a variable within some bounds before it is used can prevent buffer overflows. In buffer overflow attacks, the additional data may contain codes designed to turn on specific actions, in effect conveying new instructions to the attacked computer.

Last Updated on October 18, 2019 by InfraExam

Cybersecurity Essentials 1.1 Final Quiz Answers 100% 2019

- black hat hackers
- gray hat hackers
- script kiddies
- white hat hackers
  
  Explanation:
  Hackers are classified by colors to help define the purpose of their break-in activities.
- They are trying to show off their hacking skills.
- They are interested in discovering new exploits.
- They are curious and learning hacking skills.
- They are part of a protest group behind a political cause.
  
  Explanation:
  Each type of cybercriminal has a distinct motivation for his or her actions.
- Infragard
- ISO/IEC 27000 program
- Honeynet project
- CVE database
  
  Explanation:
  Early warning systems help identify attacks and can be used by cybersecurity specialists to protect systems.
- SAN
- VPN
- NAC
- NAS
  
  Explanation:
  A cybersecurity specialist must be aware of the technologies available to enforce its organization’s security policy.
- stored data
- data in-transit
- encrypted data
- data in-process
  
  Explanation:
  A cybersecurity specialist must be familiar with the types of technologies used to store, transmit, and process data.

purged data
stored data
data in-process
data encrypted
data decrypted

data in-transit

Explanation:

A cybersecurity specialist must be aware of each of the three states of data to effectively protect data and information. Purged data was stored data. Encrypted and decrypted data can be in any of the three states.

- hashing
- identity management
- encryption
- RAID
  
  Explanation:
  A cybersecurity specialist must be aware of the technologies available which support the CIA triad.
- secrecy, identify, and nonrepudiation
- confidentiality, integrity, and availability
- technologies, policies, and awareness
- encryption, authentication, and identification
  
  Explanation:
  The CIA Triad is the foundation upon which all information management systems are developed.
- Implement strong passwords.
- Implement a VPN.
- Implement RAID.
- Update the operating system and other application software.
- Implement network firewalls.
- Install and update antivirus software.
  
  Explanation:
  A cybersecurity specialist must be aware of the technologies and measures that are used as countermeasures to protect the organization from threats and vulnerabilities.
- man-in-the-middle
- spoofing
- spamming
- sniffing
  
  Explanation:
  A cybersecurity specialist needs to be familiar with the characteristics of the different types of malware and attacks that threaten an organization.
- virus
- worm
- spam
- phishing
  
  Explanation:
  A cybersecurity specialist needs to be familiar with the characteristics of the different types of malware and attacks that threaten an organization.
- An attacker views network traffic to learn authentication credentials.
- An attacker builds a botnet comprised of zombies.
- An attacker sends an enormous quantity of data that a server cannot handle.
- One computer accepts data packets based on the MAC address of another computer.
  
  Explanation:
  A cybersecurity specialist needs to be familiar with the characteristics of the different types of malware and attacks that threaten an organization.
- buffer overflow
- RAM Injection
- SQL injection
- RAM spoofing
  
  Explanation:
  A cybersecurity specialist needs to be familiar with the characteristics of the different types of malware and attacks that threaten an organization.
- sniffing
- spoofing
- phishing
- spamming
  
  Explanation:
  A cybersecurity specialist needs to be familiar with the characteristics of the different types of malware and attacks that threaten an organization.
- Look for policy changes in Event Viewer.
- Scan the systems for viruses.
- Look for unauthorized accounts.
- Look for usernames that do not have passwords.
  
  Explanation:
  A cybersecurity specialist needs to be familiar with the characteristics of the different types of malware and attacks that threaten an organization.

user login auditing
a biometric fingerprint reader
observations to be provided to all employees

a set of attributes that describes user access rights

Explanation:

Access control prevents unauthorized user from gaining access to sensitive data and networked systems. There are several technologies used to implement effective access control strategies.

administrative
technological
logical

physical

Explanation:

Access control prevents an unauthorized user from gaining access to sensitive data and networked systems. There are several technologies used to implement effective access control strategies.

compensative
preventive
corrective

detective

Explanation:

Access control prevents an unauthorized user from gaining access to sensitive data and networked systems. There are several technologies used to implement effective access control strategies.

- 3DES
- ECC
- RSA
- Diffie-Hellman
  
  Explanation:
  Encryption is an important technology used to protect confidentiality. It is important to understand the characteristics of the various encryption methodologies.
- the private key of Carol
- the public key of Bob
- the same pre-shared key he used with Alice
- a new pre-shared key
  
  Explanation:
  Encryption is an important technology used to protect confidentiality. It is important to understand the characteristics of the various encryption methodologies.
- Keyspace increases proportionally.
- Keyspace decreases exponentially.
- Keyspace decreases proportionally.
- Keyspace increases exponentially.
  
  Explanation:
  Encryption is an important technology used to protect confidentiality. It is important to understand the characteristics of the various encryption methodologies.

when the organization needs to repair damage
when the organization needs to look for prohibited activity
when the organization cannot use a guard dog, so it is necessary to consider an alternative

after the organization has experienced a breach in order to restore everything back to a normal state

Explanation:

Access control prevents an unauthorized user from gaining access to sensitive data and networked systems. There are several technologies used to implement effective access control strategies.

- recovery control
- deterrent control
- compensative control
- detective control
  
  Explanation:
  A cybersecurity specialist must be aware of the technologies and measures that are used as countermeasures to protect the organization from threats and vulnerabilities.
- 800-900-4560, 4040-2020-8978-0090, 01/21/2013
- male, $25.25, veteran
- female, 9866, $125.50
- yes/no 345-60-8745, TRF562
  
  Explanation:
  A string is a group of letters, numbers and special characters. An integer is whole number. A decimal is a number that is not a fraction.
- salting
- AES
- HMAC
- MD5
  
  Explanation:
  The difference between HMAC and hashing is the use of keys.
- data hashing
- symmetrical encryption
- digital certificates
- asymmetrical encryption
  
  Explanation:
  Digital certificates protect the parties involved in secure communications.
- digital signature
- digital certificate
- asymmetric encryption
- salting
  
  Explanation:
  Encryption is an important technology used to protect confidentiality. It is important to understand the characteristics of the various encryption methodologies.

private key from Bob
private key from Alice
username and password from Alice

public key from Bob

Explanation:

Alice and Bob are used to explain asymmetric cryptography used in digital signatures. Alice uses a private key to encrypt the message digest. The message, encrypted message digest, and the public key are used to create the signed document and prepare it for transmission.

Hashing requires a public and a private key.
The hash function is a one-way mathematical function.
The output has a variable length.

The hash input can be calculated given the output value.

Explanation:

Data integrity is one of the three guiding security principles. A cybersecurity specialist should be familiar with the tools and technologies used ensure data integrity.

salting
HMAC
CRC

password

Explanation:

HMAC is an algorithm used to authenticate. The sender and receiver have a secret key that is used along with the data to ensure the message origin as well as the authenticity of the data.

- MD5
- SHA-256
- 3DES
- AES-256
  
  Explanation:
  Data integrity is one of the three guiding security principles. A cybersecurity specialist should be familiar with the tools and technologies used ensure data integrity.
- quantitative analysis
- exposure factor analysis
- loss analysis
- qualitative analysis
  
  Explanation:
  A qualitative or quantitative risk analysis is used to identify and prioritize threats to the organization.

asset classification
asset availability
asset standardization

asset identification

Explanation:

An organization needs to know what hardware and software are present as a prerequisite to knowing what the configuration parameters need to be. Asset management includes a complete inventory of hardware and software. Asset standards identify specific hardware and software products that the organization uses and supports. When a failure occurs, prompt action helps to maintain both access and security.

- management
- preventive
- detective
- corrective
  
  Explanation:
  A disaster recovery plan enables an organization to prepare for potential disasters and minimize the resulting downtime.
- detection and analysis
- confidentiality and eradication
- prevention and containment
- mitigation and acceptance
- containment and recovery
- risk analysis and high availability
  
  Explanation:
  When an incident occurs, the organization must know how to respond. An organization needs to develop an incident response plan that includes several phases.
- quantitative analysis
- qualitative analysis
- loss analysis
- protection analysis
  
  Explanation:
  A qualitative or quantitative risk analysis is used to identify and prioritize threats to the organization.
- obscurity
- limiting
- layering
- diversity
  
  Explanation:
  Defense in depth utilizes multiple layers of security controls.
- fault tolerance
- system resiliency
- single point of failure
- uninterruptible services
  
  Explanation:
  High availability can be achieved by eliminating or reducing single points of failure, by implementing system resiliency, and by designing for fault tolerance.

department stores at the local mall
the New York Stock Exchange
the U.S. Department of Education

the front office of a major league sports team

Explanation:

System and data availability is a critical responsibility of a cybersecurity specialist. It is important to understand the technologies, process, and controls used to protect provide high availability.

reduction
avoidance
acceptance

transfer

Explanation:

Risk mitigation lessens the exposure of an organization to threats and vulnerabilities by transferring, accepting, avoiding, or taking an action to reduce risk.

- NTP
- ping
- RIP
- DNS
  
  Explanation:
  ICMP is used by network devices to send error messages.
- strong authentication
- encrypted voice messages
- ARP
- SSH
  
  Explanation:
  Many advanced technologies such as VoIP, streaming video, and electronic conferencing require advanced countermeasures.

Local Security Policy tool
Event Viewer security log
Computer Management

Active Directory Security tool

Explanation:

A cybersecurity specialist must be aware of the technologies and measures that are used as countermeasures to protect the organization from threats and vulnerabilities. Local Security Policy, Event Viewer, and Computer Management are Windows utilities that are all used in the security equation.

- rate of false positives and rate of acceptability
- rate of false negatives and rate of false positives
- rate of rejection and rate of false negatives
- rate of acceptability and rate of false negatives
  
  Explanation:
  In comparing biometric systems, there are several important factors to consider including accuracy, speed or throughput rate, and acceptability to users.
- WPA
- SSH
- SCP
- Telnet
  
  Explanation:
  Various application layer protocols are used to for communications between systems. A secure protocol provides a secure channel over an unsecured network.
- WPA
- TKIP
- WPA2
- 802.11i
- 802.11q
- WEP
  
  Explanation:
  Various protocols can be used to provide secure communication systems. AES is the strongest encryption algorithm.
- wireless poisoning
- wireless sniffing
- wireless IP spoofing
- man-in-the-middle
  
  Explanation:
  A cybersecurity specialist must be aware of the technologies and measures that are used as countermeasures to protect the organization from threats and vulnerabilities.

CERT
The National Vulnerability Database website
The Advanced Cyber Security Center

Internet Storm Center

Explanation:

There are several cybersecurity information websites that a cybersecurity specialist uses to evaluate the potential vulnerabilities of an organization. Some of these websites are the National Vulnerability Database, CERT, the Internet Storm Center, and the Advanced Cyber Security Center.

user-related threats
device-related threats
cloud-related threats

physical threats

Explanation:

Cybersecurity domains provide a framework for evaluating and implementing controls to protect the assets of an organization. Each domain has various countermeasures available to manage threats.

- device
- network
- physical facilities
- user
  
  Explanation:
  Cybersecurity domains provide a framework for evaluating and implementing controls to protect the assets of an organization.