CS6262 Final Exam questions
with correct answers
1. Zero-day exploit - CORRECT ANSWERS ✔An attack that targets a
software vulnerability unknown to the vendor
2. Advanced Persistent Threat (APT) - CORRECT ANSWERS ✔A prolonged
and targeted cyberattack in which an intruder gains access to a network
and remains undetected for an extended period
3. Side-channel attack - CORRECT ANSWERS ✔An attack that exploits
physical characteristics of a system such as timing, power consumption,
or electromagnetic leaks
4. Return-oriented programming (ROP) - CORRECT ANSWERS ✔A
memory exploitation technique that chains together small sequences of
existing code (gadgets) to perform arbitrary operations
5. Row hammer attack - CORRECT ANSWERS ✔Repeatedly accessing
memory rows to induce bit flips in adjacent rows, bypassing memory
isolation
6. Meltdown vulnerability - CORRECT ANSWERS ✔A hardware bug that
allows a process to read kernel memory by exploiting out-of-order
execution and side channels
,7. Spectre vulnerability - CORRECT ANSWERS ✔A hardware bug that
tricks speculative execution into accessing unauthorized memory
regions
8. KRACK attack - CORRECT ANSWERS ✔A replay attack that forces
WPA2 clients to reuse nonces, enabling decryption of wireless traffic
9. BlueBorne attack vector - CORRECT ANSWERS ✔Exploits Bluetooth
implementations to execute arbitrary code or perform man-in-the-
middle attacks
10.EternalBlue exploit - CORRECT ANSWERS ✔Exploits a SMBv1
vulnerability in Windows to enable remote code execution and worm-
like propagation
11.Heartbleed bug - CORRECT ANSWERS ✔A vulnerability in OpenSSL
that leaks private memory contents due to improper bounds checking in
heartbeat requests
12.Log4Shell (CVE-2021-44228) - CORRECT ANSWERS ✔A remote code
execution vulnerability in Log4j caused by JNDI lookup injection via
crafted log messages
13.PrintNightmare - CORRECT ANSWERS ✔A vulnerability in Windows
Print Spooler allowing remote code execution with system privileges
14.ProxyShell attack chain - CORRECT ANSWERS ✔Three chained
vulnerabilities in Microsoft Exchange that enable pre-authentication
remote code execution
, 15.Pwn2Own competition - CORRECT ANSWERS ✔An annual contest
where security researchers demonstrate zero-day exploits against widely
used software and devices
16.Firmware rootkit - CORRECT ANSWERS ✔Malware that resides in low-
level firmware (UEFI/BIOS) and survives OS reinstallation
17.DMA attack - CORRECT ANSWERS ✔Direct Memory Access attack
using Thunderbolt or FireWire ports to read physical memory without
OS involvement
18.Cold boot attack - CORRECT ANSWERS ✔Recovering encryption keys
from memory after power loss by rapidly rebooting into a malicious OS
19.Evil Maid attack - CORRECT ANSWERS ✔Physical attack where an
attacker gains brief access to a machine and modifies the bootloader or
firmware
20.TLS 1.3 downgrade attack - CORRECT ANSWERS ✔Forcing a
connection to fall back to an older, weaker TLS version by interfering
with handshake messages
21.BEAST attack (Browser Exploit Against SSL/TLS) - CORRECT
ANSWERS ✔A CBC-mode chosen-plaintext attack that decrypts
HTTPS cookies by exploiting TLS 1.0 block cipher behavior
22.CRIME attack (Compression Ratio Info-leak Made Easy) - CORRECT
ANSWERS ✔Exploits TLS compression to leak sensitive data by
measuring compressed payload length
with correct answers
1. Zero-day exploit - CORRECT ANSWERS ✔An attack that targets a
software vulnerability unknown to the vendor
2. Advanced Persistent Threat (APT) - CORRECT ANSWERS ✔A prolonged
and targeted cyberattack in which an intruder gains access to a network
and remains undetected for an extended period
3. Side-channel attack - CORRECT ANSWERS ✔An attack that exploits
physical characteristics of a system such as timing, power consumption,
or electromagnetic leaks
4. Return-oriented programming (ROP) - CORRECT ANSWERS ✔A
memory exploitation technique that chains together small sequences of
existing code (gadgets) to perform arbitrary operations
5. Row hammer attack - CORRECT ANSWERS ✔Repeatedly accessing
memory rows to induce bit flips in adjacent rows, bypassing memory
isolation
6. Meltdown vulnerability - CORRECT ANSWERS ✔A hardware bug that
allows a process to read kernel memory by exploiting out-of-order
execution and side channels
,7. Spectre vulnerability - CORRECT ANSWERS ✔A hardware bug that
tricks speculative execution into accessing unauthorized memory
regions
8. KRACK attack - CORRECT ANSWERS ✔A replay attack that forces
WPA2 clients to reuse nonces, enabling decryption of wireless traffic
9. BlueBorne attack vector - CORRECT ANSWERS ✔Exploits Bluetooth
implementations to execute arbitrary code or perform man-in-the-
middle attacks
10.EternalBlue exploit - CORRECT ANSWERS ✔Exploits a SMBv1
vulnerability in Windows to enable remote code execution and worm-
like propagation
11.Heartbleed bug - CORRECT ANSWERS ✔A vulnerability in OpenSSL
that leaks private memory contents due to improper bounds checking in
heartbeat requests
12.Log4Shell (CVE-2021-44228) - CORRECT ANSWERS ✔A remote code
execution vulnerability in Log4j caused by JNDI lookup injection via
crafted log messages
13.PrintNightmare - CORRECT ANSWERS ✔A vulnerability in Windows
Print Spooler allowing remote code execution with system privileges
14.ProxyShell attack chain - CORRECT ANSWERS ✔Three chained
vulnerabilities in Microsoft Exchange that enable pre-authentication
remote code execution
, 15.Pwn2Own competition - CORRECT ANSWERS ✔An annual contest
where security researchers demonstrate zero-day exploits against widely
used software and devices
16.Firmware rootkit - CORRECT ANSWERS ✔Malware that resides in low-
level firmware (UEFI/BIOS) and survives OS reinstallation
17.DMA attack - CORRECT ANSWERS ✔Direct Memory Access attack
using Thunderbolt or FireWire ports to read physical memory without
OS involvement
18.Cold boot attack - CORRECT ANSWERS ✔Recovering encryption keys
from memory after power loss by rapidly rebooting into a malicious OS
19.Evil Maid attack - CORRECT ANSWERS ✔Physical attack where an
attacker gains brief access to a machine and modifies the bootloader or
firmware
20.TLS 1.3 downgrade attack - CORRECT ANSWERS ✔Forcing a
connection to fall back to an older, weaker TLS version by interfering
with handshake messages
21.BEAST attack (Browser Exploit Against SSL/TLS) - CORRECT
ANSWERS ✔A CBC-mode chosen-plaintext attack that decrypts
HTTPS cookies by exploiting TLS 1.0 block cipher behavior
22.CRIME attack (Compression Ratio Info-leak Made Easy) - CORRECT
ANSWERS ✔Exploits TLS compression to leak sensitive data by
measuring compressed payload length
