Module 03 Vulnerability Management |\ |\ |\ |\
exam questions with answers
|\ |\ |\
sensitive data exposure - CORRECT ANSWERS
|\ |\ |\ |\ |\ |\
✔✔Disclosing sensitive data to attackers. |\ |\ |\ |\
improper error handling - CORRECT ANSWERS ✔✔An error
|\ |\ |\ |\ |\ |\ |\
condition that can potentially provide an attacker with
|\ |\ |\ |\ |\ |\ |\ |\ |\
underlying access to the OS. |\ |\ |\ |\
dereferences - CORRECT ANSWERS ✔✔An action that |\ |\ |\ |\ |\ |\ |\
occurs when a program needs to access the value stored
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
in memory by using the pointer to that memory location.
|\ |\ |\ |\ |\ |\ |\ |\ |\
race condition - CORRECT ANSWERS ✔✔A software
|\ |\ |\ |\ |\ |\ |\
condition in which two concurrent threads of execution
|\ |\ |\ |\ |\ |\ |\ |\
access a shared resource simultaneously, resulting in
|\ |\ |\ |\ |\ |\ |\
unintended consequences. |\
insecure object reference - CORRECT ANSWERS ✔✔A
|\ |\ |\ |\ |\ |\ |\
condition that occurs when an application externally
|\ |\ |\ |\ |\ |\ |\
exposes a reference to an internal object.
|\ |\ |\ |\ |\ |\
, strcpy - CORRECT ANSWERS ✔✔An internal function of
|\ |\ |\ |\ |\ |\ |\ |\
the programming language C that can be used to copy a
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
string to a destination buffer without checking the length
|\ |\ |\ |\ |\ |\ |\ |\ |\
of the destination buffer into which the string is being
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
copied.
weak configurations - CORRECT ANSWERS
|\ |\ |\ |\ |\
✔✔Configuration settings that are not properly |\ |\ |\ |\ |\ |\
implemented.
Default configurations - CORRECT ANSWERS ✔✔A setting
|\ |\ |\ |\ |\ |\ |\
predetermined by the vendor for usability and ease of use |\ |\ |\ |\ |\ |\ |\ |\ |\
(and not security) so the user can immediately begin
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
using the product. |\ |\
broken authentication - CORRECT ANSWERS
|\ |\ |\ |\ |\
✔✔Vulnerabilities introduced by poor authentication |\ |\ |\ |\ |\
practices that can open a broad pathway for a threat |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
actor to exploit. |\ |\
insufficient monitoring and logging - CORRECT ANSWERS |\ |\ |\ |\ |\ |\ |\
✔✔The failure to analyze log files for meaningful insights.
|\ |\ |\ |\ |\ |\ |\ |\
True or False: A dereference is to obtain from a pointer
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
the address of a data item held in another location. -
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
CORRECT ANSWERS ✔✔True |\ |\
exam questions with answers
|\ |\ |\
sensitive data exposure - CORRECT ANSWERS
|\ |\ |\ |\ |\ |\
✔✔Disclosing sensitive data to attackers. |\ |\ |\ |\
improper error handling - CORRECT ANSWERS ✔✔An error
|\ |\ |\ |\ |\ |\ |\
condition that can potentially provide an attacker with
|\ |\ |\ |\ |\ |\ |\ |\ |\
underlying access to the OS. |\ |\ |\ |\
dereferences - CORRECT ANSWERS ✔✔An action that |\ |\ |\ |\ |\ |\ |\
occurs when a program needs to access the value stored
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
in memory by using the pointer to that memory location.
|\ |\ |\ |\ |\ |\ |\ |\ |\
race condition - CORRECT ANSWERS ✔✔A software
|\ |\ |\ |\ |\ |\ |\
condition in which two concurrent threads of execution
|\ |\ |\ |\ |\ |\ |\ |\
access a shared resource simultaneously, resulting in
|\ |\ |\ |\ |\ |\ |\
unintended consequences. |\
insecure object reference - CORRECT ANSWERS ✔✔A
|\ |\ |\ |\ |\ |\ |\
condition that occurs when an application externally
|\ |\ |\ |\ |\ |\ |\
exposes a reference to an internal object.
|\ |\ |\ |\ |\ |\
, strcpy - CORRECT ANSWERS ✔✔An internal function of
|\ |\ |\ |\ |\ |\ |\ |\
the programming language C that can be used to copy a
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
string to a destination buffer without checking the length
|\ |\ |\ |\ |\ |\ |\ |\ |\
of the destination buffer into which the string is being
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
copied.
weak configurations - CORRECT ANSWERS
|\ |\ |\ |\ |\
✔✔Configuration settings that are not properly |\ |\ |\ |\ |\ |\
implemented.
Default configurations - CORRECT ANSWERS ✔✔A setting
|\ |\ |\ |\ |\ |\ |\
predetermined by the vendor for usability and ease of use |\ |\ |\ |\ |\ |\ |\ |\ |\
(and not security) so the user can immediately begin
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
using the product. |\ |\
broken authentication - CORRECT ANSWERS
|\ |\ |\ |\ |\
✔✔Vulnerabilities introduced by poor authentication |\ |\ |\ |\ |\
practices that can open a broad pathway for a threat |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
actor to exploit. |\ |\
insufficient monitoring and logging - CORRECT ANSWERS |\ |\ |\ |\ |\ |\ |\
✔✔The failure to analyze log files for meaningful insights.
|\ |\ |\ |\ |\ |\ |\ |\
True or False: A dereference is to obtain from a pointer
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
the address of a data item held in another location. -
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
CORRECT ANSWERS ✔✔True |\ |\
