GCIH - Book 4 Exam Study Guide Questions And
Answers Verified 100% Correct
Warhol/Flash Technique - ANSWER an attacker pre-scans the internet from a fixed
system looking for machines that are vulnerable to the exploit code that will later be
loaded into the worm.
Polymorphic Worms - ANSWER dynamically change their appearance each time they
run, by scrambling their software code. These worms, only the appearance is altered,
no the function of the code
Metamorphic Worms - ANSWER These worms change their entire functionality.
Bots - ANSWER are software programs that perform some action on behalf of a
human, typically with little or no human intervention
A collection of bots under the control of a single attacker are called - ANSWER Botnets
People controlling the bots - ANSWER Botherders
Attackers often communicate with their bots using... - ANSWER IRC on standard ports
(TCP 6667)
Pluggable Authentication Modules (PAM) - ANSWER used in Linux, various BSD
platforms, Solaris, and HP-UX to extend the authentication functionality of the system.
they can link to a Radius Server and forces users to select passowrds difficult to guess
OWASP - ANSWER A nonprofit organization focused on improving the security of
software.
Account Harvesting - ANSWER the ability to discern valid userIDs based on how the
application responds when the user tries to authenticate.
two commands useful in determining if there is a command injection vulnerability -
ANSWER ping and nslookup
SQL injection: two most popular statement types - ANSWER select and update
Various tools automate scanning for SQL injection flaws include - ANSWER Nmap
Scripting Engine
Zed Attack Proxy
, Burp Suite
Sqlmap
in SQL 1=1 is always true and anything or true is true - ANSWER True
Cross-Site Scripting (XSS) - ANSWER An attack that injects scripts into a Web
application server to direct attacks at clients. It enables an attacker to steal information,
such as cookies from users of a vulnerable website.
When the XSS script is stored on the target website - ANSWER "Stored XSS" attack
Jikto - ANSWER a tool that is a series of browser scripts. It performs a Nikto scan (web
scanner) of internal websites using XSS functionality
NoScript Firefox Extension - ANSWER enables users to select certain sites from which
they allow scripts to run, blocking all scripts from other sites. Additionally, it includes
logic to detect suspicious scripting activity, even from allowed sites, which may indicate
an XSS attack.
URL Session Tracking - ANSWER With this technique, the sessionID is passed in the
URL. So on the browser location line, you see the sessionID number or set of
characters
Hidden Form Elements - ANSWER Are actually elements in the HTML, but they are
hidden.
Tamper Data, Firebu and Add N Edit Cookies - ANSWER examples of browsers and
add-ons for manipulating HTTP requests
Zap Attack Proxy, Burp Proxy, w3af, Fiddler - ANSWER examples of web app attack
proxies (pg. 146)
Web Application Firewall - ANSWER A special type of application-aware firewall that
looks at the applications using HTTP.
DoS - ANSWER involves an attacker preventing legitimate users from accessing a
service.
Two Categories of DoS - ANSWER Local DoS and network-based DoS.
Local DoS - ANSWER are run from an account on the Victim's machine.
CpuHog - ANSWER Creates a process with a high priority on a Windows machine.
Network based DoS - ANSWER launched on a network. two types: malformed packet
Answers Verified 100% Correct
Warhol/Flash Technique - ANSWER an attacker pre-scans the internet from a fixed
system looking for machines that are vulnerable to the exploit code that will later be
loaded into the worm.
Polymorphic Worms - ANSWER dynamically change their appearance each time they
run, by scrambling their software code. These worms, only the appearance is altered,
no the function of the code
Metamorphic Worms - ANSWER These worms change their entire functionality.
Bots - ANSWER are software programs that perform some action on behalf of a
human, typically with little or no human intervention
A collection of bots under the control of a single attacker are called - ANSWER Botnets
People controlling the bots - ANSWER Botherders
Attackers often communicate with their bots using... - ANSWER IRC on standard ports
(TCP 6667)
Pluggable Authentication Modules (PAM) - ANSWER used in Linux, various BSD
platforms, Solaris, and HP-UX to extend the authentication functionality of the system.
they can link to a Radius Server and forces users to select passowrds difficult to guess
OWASP - ANSWER A nonprofit organization focused on improving the security of
software.
Account Harvesting - ANSWER the ability to discern valid userIDs based on how the
application responds when the user tries to authenticate.
two commands useful in determining if there is a command injection vulnerability -
ANSWER ping and nslookup
SQL injection: two most popular statement types - ANSWER select and update
Various tools automate scanning for SQL injection flaws include - ANSWER Nmap
Scripting Engine
Zed Attack Proxy
, Burp Suite
Sqlmap
in SQL 1=1 is always true and anything or true is true - ANSWER True
Cross-Site Scripting (XSS) - ANSWER An attack that injects scripts into a Web
application server to direct attacks at clients. It enables an attacker to steal information,
such as cookies from users of a vulnerable website.
When the XSS script is stored on the target website - ANSWER "Stored XSS" attack
Jikto - ANSWER a tool that is a series of browser scripts. It performs a Nikto scan (web
scanner) of internal websites using XSS functionality
NoScript Firefox Extension - ANSWER enables users to select certain sites from which
they allow scripts to run, blocking all scripts from other sites. Additionally, it includes
logic to detect suspicious scripting activity, even from allowed sites, which may indicate
an XSS attack.
URL Session Tracking - ANSWER With this technique, the sessionID is passed in the
URL. So on the browser location line, you see the sessionID number or set of
characters
Hidden Form Elements - ANSWER Are actually elements in the HTML, but they are
hidden.
Tamper Data, Firebu and Add N Edit Cookies - ANSWER examples of browsers and
add-ons for manipulating HTTP requests
Zap Attack Proxy, Burp Proxy, w3af, Fiddler - ANSWER examples of web app attack
proxies (pg. 146)
Web Application Firewall - ANSWER A special type of application-aware firewall that
looks at the applications using HTTP.
DoS - ANSWER involves an attacker preventing legitimate users from accessing a
service.
Two Categories of DoS - ANSWER Local DoS and network-based DoS.
Local DoS - ANSWER are run from an account on the Victim's machine.
CpuHog - ANSWER Creates a process with a high priority on a Windows machine.
Network based DoS - ANSWER launched on a network. two types: malformed packet
