SQL injection attacks are becoming significantly more popular amongst hackers and there
has been an estimated 69 percent increase of this attack type.
This exploit is used to great effect by the hacking community since it is the primary way to
steal sensitive data from web applications. It takes advantage of non-validated input
vulnerabilities to pass SQL commands through a web application for execution by a backend
database.
The below diagram shows how attackers launched SQL injection attacks on web
applications.
Which of the following can the attacker use to launch an SQL injection attack?
A. Blah' “2=2 –“
B. Blah' and 2=2 --
C. Blah' and 1=1 --
D. Blah' or 1=1 --
Answer: D. Blah' or 1=1 --
QUESTION NO: 127
What threat categories should you use to prioritize vulnerabilities detected in the pen
testing report?
A. 1, 2, 3, 4, 5
B. Low, medium, high, serious, critical
C. Urgent, dispute, action, zero, low
D. A, b, c, d, e
Answer: B
The amount of data stored in organizational databases has increased rapidly in recent
years due to the rapid advancement of information technologies. A high percentage of
these data is sensitive, private and critical to the organizations, their clients and partners.
Therefore, databases are usually installed behind internal firewalls, protected with intrusion
detection mechanisms and accessed only by applications. To access a database, users
have to connect to one of these applications and submit queries through them to the
database. The threat to databases arises when these applications do not behave properly
and construct these queries without sanitizing user inputs first.
Identify the injection attack represented in the diagram below:
A. Frame Injection Attack
B. LDAP Injection Attack
C. XPath Injection Attack
D. SOAP Injection Attack
Answer: B. LDAP Injection Attack
Reference: https://www.blackhat.com/presentations/bh-europe-08/Alonso-Parada/Whitepaper/bh-eu-08-alonso-parada-WP.pdf (pages 3 to 5)
To locate the firewall, a SYN packet is crafted using Hping or any other packet crafter and
sent to the firewall. If an ICMP unreachable type 13 message (which is an admin prohibited
packet) with a source IP address of the access control device is received, then which of the
following types of firewall is in place?
A. Circuit level gateway
B. Stateful multilayer inspection firewall
C. Packet filter
D. Application level gateway
Answer: C. Packet filter
External penetration testing is a traditional approach to penetration testing and is more
focused on the servers, infrastructure and the underlying software comprising the target.
It involves a comprehensive analysis of publicly available information about the target, such
as Web servers, Mail servers, Firewalls, and Routers.
Which of the following types of penetration testing is performed with no prior knowledge of
the site?
A. Blue box testing
B. White box testing
C. Grey box testing
D. Black box testing
Answer: D. Black box testing
Reference: http://books.google.com.pk/books?id=5m6ta2fgTswC&pg=SA5-PA4&lpg=SA5-PA4&dq=penetration+testing+is+performed+with+no+prior+knowledge+of+the+site&source=bl&ots=8GkmyUBH2U&sig=wdBIboWxrhk5QjlQXs3yWOcuk2Q&hl=en&sa=X&ei=-SgfVI2LLc3qaOa5gIgO&ved=0CCkQ6AEwAQ#v=onepage&q=penetration-testing-is-performed-with-no-prior-knowledge-of-the-site&f=false
You are conducting a penetration test against a company and you would like to know a
personal email address of John, a crucial employee. What is the fastest, cheapest way to
find out John’s email address?
A. Call his wife and ask for his personal email account
B. Call a receptionist and ask for John Stevens’ personal email account
C. Search in Google for his personal email ID
D. Send an email to John stating that you cannot send him an important spreadsheet
attachment file to his business email account and ask him if he has any other email
accounts
Answer: D. Send an email to John stating that you cannot send him an important spreadsheet
attachment file to his business email account and ask him if he has any other email
accounts