Application Security Vulnerabilities

Questions and Answers

What is the primary goal of most application attacks?

• To run arbitrary code on the system (correct)
• To disable the system in a denial of service attack
• To read and write data without privileges
• To crash the application system

What is the term used to describe when an attacker executes code on a system with elevated privileges?

• Remote code execution
• Application vulnerability
• Privilege escalation (correct)
• Arbitrary code execution

What is the primary benefit of performing detailed analysis of code or process execution in real-time?

• To eliminate the need for privilege escalation detection
• To detect application attacks (correct)
• To prevent arbitrary code execution
• To identify system vulnerabilities

What is the purpose of error handling in an application?

To provide a signal of an application attack (B)

What type of account is used to run a process, depending on the software configuration?

All of the above (D)

What is the term used to describe the transmission of code from one machine to another?

Remote code execution (A)

What could be located in the data section of the process?

Return addresses and pointers to previous stack frames (C)

What is the consequence of a buffer overflow error?

Data corruption and memory access violations (C)

What is the purpose of the strcpy function in the vulnerableFunction?

To copy the contents of input into buffer (A)

What is the size of the fixed-size character array buffer?

16 characters (A)

What happens when the input string is longer than 16 characters?

The buffer overflows (B)

What is the impact of a successful buffer overflow attack?

The attacker gains control of the process with elevated privileges (C)

What type of information should an application avoid revealing to an attacker during error handling?

Configuration or platform details (C)

What is the primary reason for testing user input in a program?

To ensure the data is valid and expected by the receiving process (B)

What type of attack involves submitting input that is too large to be stored in a variable assigned by the application?

Overflow-type attack (B)

What is a common characteristic of most application attacks?

They pass invalid or maliciously constructed data to the vulnerable process (D)

What is a common indication of an unsuccessful buffer overflow attack?

Unexplained crashes or error messages (A)

What is the primary goal of a buffer overflow attack?

To gain control of the system (B)

What is a potential consequence of an unhandled exception in a web application?

An error page may reveal the type and configuration of a database server (C)

What is a stack overflow?

A type of buffer overflow attack (A)

What is the primary goal of good programming practice when it comes to input handling?

To ensure the input is valid and expected by the receiving process (D)

What is the cause of a buffer overflow vulnerability?

A programming error when a process attempts to store data beyond the limits of a fixed-sized buffer (D)

What is the role of a buffer in a program?

To store expected data (C)

What is the term for a condition where more input is placed into a buffer than its capacity?

Buffer overrun (D)

What is the function of the PUSH instruction?

To add data to the stack (A)

What happens to the stack frame when a program function finishes executing?

It is unwound and ESP and EBP point back to the caller function's stack frame (B)

What is the purpose of the EBP register?

To keep track of the stack frame of the currently executing function (A)

What is the data structure of the stack?

Last-in, first-out (A)

What is the purpose of the POP instruction?

To remove data from the stack (B)

Flashcards are hidden until you start studying