Back
0

Identify the name of attack.

Description: Its a quiz to identify the type of attack
Number of Questions: 6
Created by:
Tags: security technology
Start the Quiz
Attempted 0/6 Correct 0 Score 0

Name the attack: link to a fake website

technology security

  1. keylogger

  2. brute force

  3. phishing

  4. e-mail spoofing

Show answer
Correct Option: C

Alice access the following URL : http://www.testrun.com/%2e/2e%2e%2e@2e%2f/etc/passwd What is the name of the attack ?

technology security

  1. Buffer overflow

  2. Cross site scripting (XSS)

  3. Directory traversal

  4. Obfuscation

Show answer
Correct Option: C

Name the attack: Technique used to access files and directories stored outside web root folder

technology security

  1. Insecure file upload

  2. Path Traversal

  3. Brute forcing

  4. Universal PDF XSS

Show answer
Correct Option: B

Name the attack:Attacker manipulates the cookie parameter

technology security

  1. Web cache poisoning

  2. Account Harvesting

  3. Eaves dropping

  4. Cookie Poisoning

Show answer
Correct Option: D

Name the attack: A software that uses a security hole to carry out an attack before the developer knows about the vulnerability.
technology security

  1. Zero day

  2. Unknown

  3. stealth

  4. Trojan

Show answer
Correct Option: A
Explanation:

To answer this question, the user needs to have knowledge about cybersecurity and different types of attacks. The attack described in the question is a type of cyber attack that exploits a vulnerability before the developer is aware of it.

Option A is correct. This type of attack is called a "zero-day" attack. It refers to an attack that exploits a security vulnerability that the developer or vendor is unaware of and has not had time to patch. Zero-day attacks are particularly dangerous because they can be used to gain unauthorized access to systems or steal sensitive data without being detected.

Option B is incorrect because "unknown" is too broad of a term to refer to a specific type of attack.

Option C is incorrect because "stealth" is a term used to describe the ability of an attack to remain undetected. While zero-day attacks can certainly be stealthy, "stealth" is not the specific term used to describe this type of attack.

Option D is incorrect because a Trojan is a specific type of malware that disguises itself as a legitimate program in order to gain access to a system. While a Trojan can certainly be used in a zero-day attack, the two terms are not interchangeable.

Therefore, the correct answer is:

The Answer is: A. Zero day

Name the attack: Hacker sends an e-mail that claims you have won a prize and all you have to do is click this link to claim your prize.

technology security

  1. session hijacking

  2. XSS

  3. HTTP Response splitting

  4. HTML Injection

Show answer
Correct Option: B

AI Explanation

To answer this question, you need to understand different types of attacks. Let's go through each option to understand why it is correct or incorrect:

A. Session Hijacking - This attack involves stealing or hijacking a user's session to gain unauthorized access to a system. It is not relevant to the scenario described in the question.

B. XSS (Cross-Site Scripting) - This attack involves injecting malicious scripts into a website to steal sensitive information or perform unauthorized actions on behalf of the user. In the given scenario, the hacker is tricking the user into clicking a link, which could potentially lead to a malicious website or the execution of malicious scripts. Therefore, XSS is the correct answer.

C. HTTP Response Splitting - This attack involves manipulating the response headers of a web server to inject malicious content. It is not relevant to the scenario described in the question.

D. HTML Injection - This attack involves injecting malicious HTML code into a website to manipulate its content or execute unauthorized actions. While the scenario in the question involves clicking a link, it does not specifically mention injecting HTML code. Therefore, HTML Injection is not the correct answer.

The correct answer is B) XSS (Cross-Site Scripting). This option is correct because the scenario described aligns with the concept of tricking the user into clicking a link that could lead to the execution of malicious scripts.

- Hide questions
ADVERTISEMENT

Find more quizzes from top tags

general knowledge
3615 Quizzes
119858 Questions
 technology
307 Quizzes
36705 Questions
 sports
963 Quizzes
19148 Questions
 history
1187 Quizzes
13475 Questions
 physics
598 Quizzes
13441 Questions
 biology
1160 Quizzes
12174 Questions
 science & technology
551 Quizzes
11015 Questions
 chemistry
490 Quizzes
9892 Questions
 maths
518 Quizzes
9324 Questions
 softskills
0 Quizzes
7131 Questions