
Network Security & Database Vulnerabilities

Answers for the IBM Cybersecurity Analyst Professional Certificate

Module 1 – TCP/IP Framework

Introduction to the TCP/IP Protocol Framework

1. Which four (4) factors does a stateless firewall look at to determine if a packet should be allowed to pass?
  • if the packet belongs to an open session
  • the source IP address ✔
  • the destination port ✔
  • the service or protocol used ✔
  • the destination IP address ✔
2. Can a single firewall conduct both a stateless and stateful inspection?
  • Yes, but not on the same packet. A decision is made about which type of inspection will be most effective on a packet-by-packet basis.
  • Yes, the stateless inspection is conducted first and then a stateful inspection is done. ✔
  • No, the latency created by a double inspection is too great to be practical.
  • No, stateless and stateful firewalls are distinctly different and used for different purposes.
3. True or False: An Intrusion Prevention System (IPS) is generally a passive device that listens to network traffic and alerts an administrator when a potential problem is detected?
  • True
  • False ✔
4. Network Address Translation (NAT) typically conducts which of the following translations?
  • An IP address to a physical address and vice versa.
  • A MAC address to an IP address and vice versa.
  • A private network IP address to a public network IP address and vice versa. ✔
  • An IP address to a domain name and vice versa.
5. Which type of NAT routing allows one-to-one mapping between local and global addresses?
  • Dynamic
  • Kinetic
  • Overload
  • Static ✔
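The stateless/stateful distinction in Q1-Q2 is easier to see in code. The following is an added example, not course material: a toy stateless filter that judges each packet on the four criteria from Q1 (source IP, destination IP, protocol, destination port), beside a toy stateful filter that keeps a connection table. The rule, packets and addresses are constructed for the illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

# Constructed packet and rule types for the example; not course code.
@dataclass(frozen=True)
class Packet:
    src_ip: str
    dst_ip: str
    proto: str       # "tcp" or "udp"
    src_port: int
    dst_port: int

@dataclass(frozen=True)
class Rule:
    src_net: str             # CIDR, e.g. "10.0.0.0/8"
    dst_net: str
    proto: str
    dst_port: Optional[int]  # None matches any destination port
    action: str              # "allow" or "deny"

    def matches(self, pkt: Packet) -> bool:
        # The four stateless criteria: source IP, destination IP,
        # protocol and destination port. Nothing else is consulted.
        return (ip_address(pkt.src_ip) in ip_network(self.src_net)
                and ip_address(pkt.dst_ip) in ip_network(self.dst_net)
                and pkt.proto == self.proto
                and (self.dst_port is None or pkt.dst_port == self.dst_port))

def stateless_decision(rules, pkt):
    """First matching rule wins; every packet is judged on its own."""
    for rule in rules:
        if rule.matches(pkt):
            return rule.action
    return "deny"            # implicit default deny

class StatefulFilter:
    """Same rules, plus a connection table so replies to permitted
    sessions are allowed without needing a matching inbound rule."""
    def __init__(self, rules):
        self.rules = rules
        self.sessions = set()    # 5-tuples of sessions opened by allowed packets

    def decision(self, pkt):
        key = (pkt.src_ip, pkt.src_port, pkt.dst_ip, pkt.dst_port, pkt.proto)
        reverse = (pkt.dst_ip, pkt.dst_port, pkt.src_ip, pkt.src_port, pkt.proto)
        if reverse in self.sessions:
            return "allow"      # reply belonging to a tracked session
        if stateless_decision(self.rules, pkt) == "allow":
            self.sessions.add(key)
            return "allow"
        return "deny"

# One rule: hosts in 10.0.0.0/8 may open HTTPS connections anywhere.
RULES = [Rule("10.0.0.0/8", "0.0.0.0/0", "tcp", 443, "allow")]

def demo():
    """Returns ((stateless out, stateless reply), (stateful out, stateful reply))."""
    out = Packet("10.1.2.3", "203.0.113.10", "tcp", 51000, 443)
    reply = Packet("203.0.113.10", "10.1.2.3", "tcp", 443, 51000)
    stateless = (stateless_decision(RULES, out), stateless_decision(RULES, reply))
    sf = StatefulFilter(RULES)
    stateful = (sf.decision(out), sf.decision(reply))
    return stateless, stateful

if __name__ == "__main__":
    print(demo())
```

The outbound HTTPS packet passes both filters, but the server's reply is dropped by the stateless filter (its destination port is the client's ephemeral 51000, which no rule allows) and accepted by the stateful one because it belongs to a tracked session. A stateless firewall can only allow that reply by opening the whole ephemeral port range inbound, which is the practical reason stateful inspection is layered on top.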

Network Protocols Over Ethernet and Local Area Networks

1. Which network layer do IP addresses belong to?
  • The Physical Layer
  • The Network Layer ✔
  • The Data Link Layer
  • The Application Layer
2. Which address assures a packet is delivered to a computer on a different network segment from the sender?
  • The IP Address ✔
  • The MAC address.
  • The DHCP Address
  • The DNS Address
3. A network device that is capable of sending and receiving data at the same time is referred to as which of the following?
  • Unidirectional
  • Monoplex
  • Half duplex
  • Full duplex ✔
4. True or False: Collision avoidance protocols are critical to the smooth operation of modern networks.
  • True
  • False ✔
5. Comparing bridges with switches, which are three (3) characteristics specific to a bridge?
  • Full-duplex transmission.
  • End-user devices share bandwidth on each port. ✔
  • Virtual LANs are possible.
  • Each port is dedicated to a single device; bandwidth is not shared.
  • Virtual LANs are not possible. ✔
  • Half-duplex transmission. ✔
6. True or False: Switches solved the problem of network loops and improved performance of multicast/broadcast traffic.
  • True
  • False ✔

Basics of Routing and Switching, Network Packets and Structures

1. If a network server has four (4) network interface cards, how many MAC addresses will be associated with that server?
  • 4 ✔
  • 2
  • 1
  • 0
2. True or False: When you connect your laptop to a new network, a new IP address must be assigned, either automatically or manually.
  • True ✔
  • False
3. What does the Address Resolution Protocol (ARP) do when it needs to send a message to a location that is outside its broadcast domain?
  • ARP looks up the address in the ARP Table.
  • ARP drops the packet as undeliverable.
  • ARP sends the message to the MAC address of the default gateway. ✔
  • ARP sends a message to the destination IP address asking for its MAC address.
4. Routing tables are maintained by which of the following devices?
  • Only on routers, switches, and hubs.
  • On any network connected device. ✔
  • Only on routers and network gateways.
  • Only on routers.
5. What is the purpose of a default gateway?
  • It translates IP addresses to MAC addresses and vice versa.
  • It manages all network traffic.
  • It forwards messages coming from, or going to, external networks. ✔
  • It manages network traffic on the local subnet only.
6. If a message is being sent to a computer that is identified in the computer’s routing table, what type of connection would be established?
  • Static
  • Default
  • Direct ✔
  • Dynamic

TCP/IP Framework

1. What is meant by “stateless” packet inspection?
  • It is a packet-by-packet inspection with no awareness of previous packets. ✔
  • It is the inspection of packets by non-state actors, such as private telecom companies.
  • It is the inspection of a packet’s source and destination IP addresses only.
  • It is the inspection of a packet’s service or protocols used only.
2. True or False: An Intrusion Detection System (IDS) is generally a passive device that listens to network traffic and alerts an administrator when a potential problem is detected?
  • True ✔
  • False
3. True or False: The primary difference between an Intrusion Detection System (IDS) and an Intrusion Prevention System (IPS) is that an IDS is designed as a passive system that listens and alerts while an IPS is an active system that is designed to take action when a problem is detected?
  • True ✔
  • False
4. Which intrusion system does not add any delay to network traffic?
  • Intrusion Detection System (IDS). ✔
  • Intrusion Prevention System (IPS).
5. How does using Network Address Translation (NAT) provide an additional layer of security to your network?
  • By blocking traffic from known malware sites.
  • By hiding the real IP addresses of all the devices on your private network and exposing only a single public IP address. ✔
  • By requiring a certificate exchange to authenticate the source of external IP addresses before allowing them through the firewall.
  • By assigning a different false IP address to traffic leaving your network and translating it back to the real internal IP addresses on incoming traffic.
6. Which type of NAT routing maps unregistered IP addresses to a single registered IP address allowing thousands of users to be connected to the Internet using only a single global IP address?
  • Dynamic
  • Kinetic
  • Static
  • Overload ✔
7. Which network layer do MAC addresses belong to?
  • The Data Link Layer. ✔
  • The Physical Layer.
  • The Application Layer.
  • The Network Layer.
8. Which address assures a packet is delivered to a computer on the same network segment as the sender?
  • The Gateway address.
  • The IP address.
  • The DNS address.
  • The MAC address. ✔
9. A network device that cannot send and receive data at the same time is referred to as which of the following?
  • Full duplex
  • Unidirectional
  • Monoplex
  • Half duplex ✔
10. When a NIC reads a packet header and sees the destination address is not its own address, what does it do with the packet?
  • It returns the packet to the sender with a delivery error message.
  • It forwards the packet to the correct address if it is in the same network or the gateway if it is not.
  • It discards the packet. ✔
  • It reads the contents of the packet.
11. True or False: Switches can connect two geographically dispersed networks.
  • True
  • False ✔
12. What is the main function of the Address Resolution Protocol (ARP)?
  • To translate a MAC address to an IP address and vice versa. ✔
  • To translate a logical address to an IP address and vice versa.
  • To translate a physical address to an IP address and vice versa.
  • To translate a gateway address to an IP address and vice versa.
13. What does a router do when it needs to send a packet to an address that is not in its routing table?
  • It drops the packet as undeliverable.
  • It forwards the packet to the default gateway. ✔
  • It sends out a broadcast message looking for the correct system to reply with a confirmation message.
  • It returns the packet to the sender to deal with.
14. What happens to messages sent from a computer that has no gateway address specified?
  • Messages sent to other computers on the same subnet will not be delivered but those destined to computers on other networks will be delivered.
  • Messages sent to other computers on the same subnet and those destined to computers on other networks will be delivered.
  • Messages sent to other computers on the same subnet will be delivered but those destined to computers on other networks will not be delivered. ✔
  • No messages will be delivered.

Module 2 – Basics of IP Addressing and the OSI Model

Basics of IP Addressing

1. The binary (base 2) number “0101” is how much in decimal (base 10)?
  • 3
  • 5 ✔
  • 9
  • 1
2. The IP address range goes from 0.0.0.0 to 255.255.255.255 and is known as the “four octets”. Why are these 4 numbers called octets?
  • They form a total of 8 subranges.
  • This was the eighth version of the IP address range to be adopted by the Internet Standards Committee (and the first to gain widespread acceptance.)
  • The inventor noted the similarity to the “octaves” in piano music.
  • The number 255 in decimal takes up 8 digits in binary. ✔
3. How many octets are used to define the network portion of the IP address in a Class C network?
  • 0
  • 1
  • 2
  • 3 ✔
4. True or False: A routable protocol is a protocol whose packets may leave your network, pass through your router, and be delivered to a remote network.
  • True ✔
  • False
5. True or False: The destination address is defined in the packet header but the source address is in the packet footer.
  • True
  • False ✔
6. Which network mask belongs to a Class A network?
  • 255.255.255.0
  • 255.0.0.0 ✔
  • 255.255.255.255
  • 0.0.0.0
7. IPv6 changes the IP address from a 32 bit address used in IPv4 to a 128 bit address. This results in which of the following?
  • Many billions of times as many possible IP addresses. ✔
  • Four times as many possible IP addresses.
  • The same number of possible IP addresses, but expressed with greater precision.
  • The same number of possible host addresses but many more network addresses.
8. Which IPv4 addressing schema would you use to send a message to select group systems on the network?
  • Unicast
  • Broadcast
  • Simulcast
  • Multicast ✔
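To make the octet, class and mask questions above concrete (and the network/host split asked about later in the module, e.g. the host portion of 192.168.52.3/24), here is an added example that is not part of the course. It uses Python's standard `ipaddress` module plus plain bit arithmetic; the addresses are arbitrary sample values.

```python
from ipaddress import ip_interface

def octets(addr: str):
    """Each dotted-decimal field is one octet (8 bits), hence the range 0..255."""
    return [format(int(o), "08b") for o in addr.split(".")]

def classful_mask(addr: str) -> str:
    """Historical (pre-CIDR) class, read from the leading bits of the first octet."""
    first = int(addr.split(".")[0])
    if first < 128:
        return "255.0.0.0"        # class A: 0xxxxxxx, 1 network octet
    if first < 192:
        return "255.255.0.0"      # class B: 10xxxxxx, 2 network octets
    if first < 224:
        return "255.255.255.0"    # class C: 110xxxxx, 3 network octets
    if first < 240:
        return "multicast"        # class D: 1110xxxx (224.0.0.0/4)
    return "reserved"             # class E

def split_address(cidr: str):
    """Network and host portions of an address written as a.b.c.d/prefix."""
    iface = ip_interface(cidr)
    net = iface.network
    mask_int = int(net.netmask)
    host_mask = mask_int ^ 0xFFFFFFFF          # the bits the mask leaves to hosts
    return {
        "network": str(net.network_address),   # address AND mask
        "netmask": str(net.netmask),
        "host_bits": 32 - net.prefixlen,
        "host_portion": int(iface.ip) & host_mask,
        "broadcast": str(net.broadcast_address),
        "usable_hosts": max(net.num_addresses - 2, 0),
    }

def ipv6_vs_ipv4_space() -> int:
    """How many times larger the IPv6 address space is than IPv4's."""
    return 2**128 // 2**32

if __name__ == "__main__":
    print(octets("192.168.52.3"))
    print(classful_mask("10.0.0.1"), classful_mask("192.168.1.1"))
    print(split_address("192.168.52.3/24"))
```

The /24 case reproduces the quiz's answer (host portion 3, network 192.168.52.0), and the same function handles non-octet-aligned prefixes such as /27 that classful thinking cannot express. `ipv6_vs_ipv4_space()` returns 2**96, which is the "many billions of times" of Q7 stated exactly.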

TCP/IP Layer 4, Transport Layer Overview

1. True or False: Utilities such as TFTP, DNS and SNMP utilize the UDP transport protocol.
  • True ✔
  • False
Correct: utilities such as TFTP, DNS and SNMP use the UDP transport protocol (DNS additionally falls back to TCP for large responses and zone transfers).
2. True or False: The UDP transport protocol is faster than the TCP transport protocol.
  • True ✔
  • False
Correct: UDP is faster than TCP because it has no connection handshake, acknowledgements, retransmissions or flow control.
3. Which four (4) of these are characteristic of the UDP transport protocol?
  • Ordered data; duplicate detection
  • Unreliable ✔
  • Connection-oriented
  • Flow control
  • Unordered data; duplicates possible ✔
  • Reliable
  • Connectionless ✔
  • No flow control ✔
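The UDP header is small enough to build and parse by hand, which makes the "which fields are in a UDP header" question (asked again later in this module) concrete: source port, destination port, length and checksum, and nothing else. IP addresses are not in the UDP header; they only enter through the pseudo-header used for the checksum. The following is an added example, not course code; the addresses, ports and payload are constructed.

```python
import struct
from ipaddress import ip_address

UDP_HDR = struct.Struct("!HHHH")    # source port, destination port, length, checksum
PROTO_UDP = 17

def ones_complement_sum(data: bytes) -> int:
    """16-bit ones' complement sum (RFC 1071); odd-length data is zero-padded."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:                      # fold carries back in
        total = (total & 0xFFFF) + (total >> 16)
    return total

def pseudo_header(src_ip: str, dst_ip: str, udp_length: int) -> bytes:
    """IPv4 pseudo-header: src, dst, zero, protocol, UDP length."""
    return (ip_address(src_ip).packed + ip_address(dst_ip).packed
            + struct.pack("!BBH", 0, PROTO_UDP, udp_length))

def build_udp(src_ip, dst_ip, sport, dport, payload: bytes) -> bytes:
    length = UDP_HDR.size + len(payload)
    header = UDP_HDR.pack(sport, dport, length, 0)       # checksum field zero while computing
    csum = 0xFFFF ^ ones_complement_sum(pseudo_header(src_ip, dst_ip, length) + header + payload)
    csum = csum or 0xFFFF                                 # an all-zero result is sent as 0xFFFF
    return UDP_HDR.pack(sport, dport, length, csum) + payload

def parse_udp(segment: bytes) -> dict:
    sport, dport, length, csum = UDP_HDR.unpack_from(segment)
    return {"src_port": sport, "dst_port": dport, "length": length,
            "checksum": csum, "payload": segment[UDP_HDR.size:length]}

def verify_udp(src_ip, dst_ip, segment: bytes):
    """True if the checksum validates, False if not, None if the sender sent none."""
    hdr = parse_udp(segment)
    if hdr["checksum"] == 0:
        return None                                        # optional over IPv4
    total = ones_complement_sum(pseudo_header(src_ip, dst_ip, hdr["length"]) + segment)
    return total == 0xFFFF                                 # data + its complement sums to all ones

# Constructed sample: a client on 192.168.1.10 sending 12 bytes to a DNS server.
SAMPLE = build_udp("192.168.1.10", "192.168.1.1", 53000, 53, b"\x12\x34\x01\x00\x00\x01\x00\x00\x00\x00\x00\x00")

if __name__ == "__main__":
    print(parse_udp(SAMPLE), verify_udp("192.168.1.10", "192.168.1.1", SAMPLE))
```

The parsed header has exactly the four fields the quiz lists; the verify function shows why the checksum alone is not a security control: anyone who can alter the datagram can recompute it, and a forged source address is "valid" as long as the pseudo-header is built from that forged address.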

TCP/IP Layer 5, Application Layer Overview

1. What is the primary function of DNS?
  • To convert MAC addresses to domain names and vice versa.
  • To translate domain names to IP addresses and vice versa. ✔
  • To filter out domains not authorized access to the local network.
  • To assign domain names to new endpoints.
2. How does a new endpoint know the address of the DHCP server?
  • The endpoint sends an inquiry to the gateway and the gateway responds with the address of the DHCP server.
  • The DHCP server is always located on the gateway.
  • The endpoint sends a DHCP Discover broadcast request to all endpoints on the local network. ✔
  • The administrator must input the IP address of the DHCP server in the endpoint’s network configuration.
3. Which Syslog layer contains the actual message contents?
  • Syslog Application
  • Syslog Content ✔
  • Syslog Message
  • Syslog Transport
4. True or False: Setting the correct Syslog Severity Level on systems helps keep the Syslog server from being flooded by the millions of messages that could be generated by these systems.
  • True ✔
  • False
5. True or False: The Syslog message typically includes the severity level, facility code, originator process ID, a time stamp, and the hostname or IP address of the originator device.
  • True ✔
  • False
6. Why is port mirroring used?
  • To provide a stream of all data entering or leaving a specific port for debugging or analysis work. ✔
  • To make the network faster by providing two parallel ports through which data can flow.
  • To make the network more reliable by providing a redundant path for all traffic destined for a specific port.
  • To provide an independent data stream for when two processes must operate on the same incoming data.
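The Syslog questions above (PRI, severity, facility, timestamp, hostname, process ID, and filtering to avoid flooding the collector) are easier to verify against real-looking lines. This is an added example, not course material: it decodes the `<PRI>` value into facility and severity (facility = PRI / 8, severity = PRI mod 8), parses the RFC 3164 header, and applies a severity threshold. The four log lines are constructed for the example.

```python
import re
from typing import Optional

SEVERITIES = ["emerg", "alert", "crit", "err", "warning", "notice", "info", "debug"]   # 0..7
FACILITIES = ["kern", "user", "mail", "daemon", "auth", "syslog", "lpr", "news",
              "uucp", "cron", "authpriv", "ftp", "ntp", "security", "console",
              "solaris-cron"] + [f"local{i}" for i in range(8)]                       # 0..23

# <PRI>TIMESTAMP HOSTNAME TAG[PID]: MESSAGE  (RFC 3164 layout)
LINE_RE = re.compile(
    r"^<(\d{1,3})>([A-Z][a-z]{2} [ \d]\d \d\d:\d\d:\d\d) (\S+) ([^:\[\s]+)(?:\[(\d+)\])?: ?(.*)$")

def decode_pri(pri: int):
    """PRI packs facility and severity into one number: facility*8 + severity."""
    if not 0 <= pri <= 191:
        raise ValueError(f"PRI out of range: {pri}")
    return pri >> 3, pri & 7

def parse_syslog(line: str) -> dict:
    m = LINE_RE.match(line)
    if not m:
        raise ValueError(f"not an RFC 3164 line: {line!r}")
    pri, ts, host, tag, pid, msg = m.groups()
    facility, severity = decode_pri(int(pri))
    return {"facility": FACILITIES[facility], "severity": SEVERITIES[severity],
            "severity_num": severity, "timestamp": ts, "host": host,
            "tag": tag, "pid": int(pid) if pid else None, "msg": msg}

def filter_by_severity(lines, max_severity: str = "warning"):
    """Keep messages at or more severe than max_severity (lower number = more severe)."""
    threshold = SEVERITIES.index(max_severity)
    return [p for p in map(parse_syslog, lines) if p["severity_num"] <= threshold]

# Constructed sample lines (hosts, PIDs and addresses are made up).
SAMPLE_LINES = [
    "<34>Oct 11 22:14:15 mymachine su: 'su root' failed for lonvick on /dev/pts/8",
    "<86>Oct 11 22:14:16 db01 sshd[4242]: Failed password for root from 10.0.0.5 port 51022 ssh2",
    "<4>Oct 11 22:14:17 db01 kernel: nf_conntrack: table full, dropping packet",
    "<135>Oct 11 22:14:18 app01 myapp[77]: cache miss for key session:abc",
]

if __name__ == "__main__":
    for p in filter_by_severity(SAMPLE_LINES):
        print(p["facility"], p["severity"], p["host"], p["tag"], p["pid"], p["msg"])
```

Dropping `debug` and `info` at the source is what Q4 describes; the trade-off a detection engineer should keep in mind is that the filtered-out `<86>` line (authpriv.info, a failed SSH login) is exactly the kind of event an analyst often wants, so thresholds should be set per facility rather than globally.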

Firewalls, Intrusion Detection and Intrusion Prevention Systems

1. What is the main difference between a Next Generation Firewall (NGFW) and a traditional firewall?
  • NGFW do essentially the same thing as traditional firewalls but can handle substantially more network traffic per firewall.
  • NGFW use sessions.
  • NGFW inspect both TCP and UDP traffic while traditional firewalls inspect TCP traffic only.
  • NGFW inspect all 7 network layers. ✔
Traditional packet-filtering and stateful firewalls already inspect UDP as well as TCP (they work on the Layer 3/4 headers, as the stateless-firewall questions in Module 1 show); what sets an NGFW apart is inspection up to the application layer.
2. True or False: Unlike traditional stateful firewalls, next-generation firewalls drill into traffic to identify the applications traversing the network.
  • True ✔
  • False
3. What are the two (2) primary methods used by Intrusion Prevention Systems (IPS) to discover an exploit?
  • Layer interleave-based detection.
  • Signature-based detection. ✔
  • Statistical anomaly-based detection. ✔
  • Transport layer variance detection.
4. If your nontechnical manager told you that you must configure your traditional second-generation firewalls to block all users on your network from posting messages on Facebook from their office computers, how would you carry out this request?
  • You would have to block all social media access from your network.
  • You would have to block any IP addresses used by Facebook. ✔
  • You would have to block all HTTP traffic from entering or leaving your network.
  • Specific sites cannot be blocked using a traditional firewall.

Clustering and High Availability Systems

1. Which condition should apply in order to achieve effective clustering and failover among your firewalls?
  • The firewall hardware should be identical.
  • The firewall operating systems should be identical.
  • There should be direct connections between the primary and secondary nodes.
  • All of the above. ✔

Basics of IP Addressing and the OSI Model

1. How would you express 15 in binary (base 2)?
  • 10000
  • 01010
  • 01111 ✔
  • 01001
2. How many octets are used to define the network portion of the IP address in a Class A network?
  • 0
  • 3
  • 2
  • 1 ✔
3. The device used to separate the network portion of an IP address from the host portion is called what?
  • The host mask.
  • The network separation filter.
  • The address filter.
  • The subnet mask. ✔
4. The IP header contains a time-to-live (TTL) value. How is this value expressed?
  • The number of delivery attempts that may be made before the packet is returned to the source address as undeliverable.
  • The number of seconds a packet may live if not delivered.
  • The number of minutes a packet may live if it is not delivered.
  • The number of Layer 3 devices (routers) the packet is allowed to pass through before it is dropped. ✔
5. Which is the host portion of this IP address 192.168.52.3/24?
  • 192.168.52
  • 24
  • 168.52.3
  • 3 ✔
6. Which network mask belongs to a Class C network?
  • 255.255.255.255
  • 255.0.0.0
  • 0.0.0.0
  • 255.255.255.0 ✔
7. Which IPv4 addressing schema would you use to send a message to all systems on the network?
  • Unicast
  • Multicast
  • Simulcast
  • Broadcast ✔
8. Which three (3) of the following are legitimate IPv6 addressing schemas?
  • Broadcast
  • Multicast ✔
  • Unicast ✔
  • Anycast ✔
9. True or False: Utilities such as TFTP, DNS and SNMP utilize the TCP transport protocol.
  • True
  • False ✔
10. Which two (2) of these fields are included in a UDP header?
  • Source Port ✔
  • Source IP Address
  • Destination IP Address
  • Destination Port ✔
11. Which four (4) of these are characteristic of the TCP transport protocol?
  • Unreliable
  • Connection-oriented ✔
  • Connectionless
  • Ordered data; duplicate detection ✔
  • Flow control ✔
  • Reliable ✔
12. How does an endpoint know the address of the DNS server?
  • The endpoint sends out a DNS Discover broadcast request to all endpoints on the local network.
  • The endpoint sends an inquiry to the gateway and the gateway responds with the address of the DNS server.
  • It is manually configured in the network settings by the administrator or obtained from the DHCP server. ✔
  • The DNS server is always located on the gateway.
13. What is the primary function of DHCP?
  • To translate domain names to IP addresses and vice versa.
  • To collect host names present on a local network segment.
  • To automatically assign IP addresses to systems. ✔
  • To automatically assign MAC addresses to systems.
14. Which Syslog layer handles the routing and storage of a Syslog message?
  • Syslog Application ✔
  • Syslog Content
  • Syslog Message
  • Syslog Transport
15. Which of the following flow data are gathered by utilities such as NetFlow?
  • Packet count and byte count.
  • Source and destination TCP/UDP ports.
  • Source and destination IP addresses.
  • Routing and peering data such as TCP flags and protocol.
  • All of the above. ✔
16. When a network interface card is operating in promiscuous mode, what action does it take?
  • The NIC sends out one false, or “promiscuous” packet for every legitimate packet it sends to interfere with eavesdropping operations.
  • The NIC forwards promiscuous packets to the Promiscuous Server.
  • The NIC sends all packets to the CPU for processing instead of only those packets indicated for its MAC address. ✔
  • The NIC filters out dangerous or “promiscuous” packets.
17. If a packet is allowed to pass through a NGFW based upon the established firewall rules and a new session is established, how does the NGFW treat the next packet it encounters from the same session?
  • Subsequent packets of the same session are automatically allowed. ✔
  • Subsequent packets that arrive within the Session Interval configured for that firewall will be allowed to pass without inspection. The first packet that arrives after the session interval expires will trigger the creation of a new session.
  • Every packet is inspected and allowed or denied based upon the same firewall rules that applied to the first packet.
  • The subsequent packets are inspected based on session-specific rules, not the packet-specific rules that were used to inspect the first packet in the session.
18. If your nontechnical manager told you that you must configure your next generation firewalls (NGFW) to block all users on your network from posting messages on Facebook from their office computers, what would be the consequence of carrying out his order?
  • No serious consequence, application-level inspection and blocking can be configured. ✔
  • You would have to block all social media access from your network.
  • You would have to block all access to Facebook from your network.
  • You would have to block all HTTP traffic from entering or leaving your network.
19. Monitoring network traffic and comparing it against an established baseline for normal use is an example of which form of intrusion detection?
  • Signature-based detection
  • Statistical anomaly-based detection ✔
  • Traffic Variance Analysis
  • Traffic Impact Analysis
20. Which are three (3) characteristics of a highly available system?
  • Redundancy ✔
  • Independence
  • Failover ✔
  • Geographically dispersed
  • Monitoring ✔

Module 3 – Introduction to Databases

Types of Data

1. True or False: If all of your organization’s data is centralized in a small number of data centers, then focusing security on perimeter defense is adequate to assure your data is safe.
  • True
  • False ✔
2. Which two (2) of the following data source types are considered structured data?
  • Data warehouses ✔
  • Big data databases
  • Distributed databases ✔
  • File Shares
3. Data that has not been organized into a specialized repository, but does have associated information, such as metadata that makes it more amenable to processing than raw data, is an example of which data model type?
  • Raw data
  • Structured data
  • Unstructured data
  • Semi-structured data ✔
4. How are the tables in a relational database linked together?
  • Tables are organized in a hierarchical manner so Table 2 always follows Table 1 and so forth.
  • Through the use of primary and foreign keys. ✔
  • Table connection diagrams are defined in the database configuration settings.
  • By adding a pointer as the last field of each record in a table that points to the first field in the next table.

Securing Databases

1. In the video Securing the Crown Jewels, the “Identification and Baseline” phase contains which three (3) of the following items?
  • Blocking & Quarantine
  • Activity Monitoring
  • Discovery & Classification ✔
  • Vulnerability Assessment ✔
  • Entitlements Reporting ✔
2. In the video Leveraging Security Industry Best Practices, which US Government agency is a co-publisher of the Database Security Requirements Guide (SRG)?
  • Federal Bureau of Investigation (FBI)
  • Central Intelligence Agency (CIA)
  • Department of Defense (DoD) ✔
  • Center for Internet Security (CIS)
3. For added security, a firewall is often placed between which of these?
  • The client and the application.
  • The database and the hardened data repository. ✔
  • The database administrator and the database.
  • The application and the database.
4. True or False: In a vulnerability assessment test, a new commercial database installed on a new instance of a major operating system should pass 80-90% of the vulnerability tests out-of-the-box unless there is a major flaw or breach.
  • True
  • False ✔
5. Which of these hosting environments requires the enterprise to manage the largest number of different data sources?
  • PaaS
  • On Premises ✔
  • SaaS
  • IaaS
6. While data security is an ongoing process, what is the correct order to consider these steps?
  • Discover, Monitor & Protect, Harden, Repeat
  • Discover, Harden, Monitor & Protect, Repeat ✔
  • Harden, Discover, Monitor & Protect, Repeat
  • Monitor & Protect, Discover, Harden, Repeat

A Data Protection Solution Example, IBM Security Guardium Use Cases

1. In setting up policy rules for data monitoring, what is the purpose of “exclude” rules?
  • To exclude certain commands from being executed.
  • To exclude individual accounts from accessing data.
  • To exclude certain applications or safe activities from being logged. ✔
  • To exclude someone from accessing certain database tables.
2. True or False: Data monitoring products such as IBM Guardium can send access alerts to syslog for manual intervention by a security analyst but must be connected to additional applications if automated interventions are desired.
  • True
  • False ✔
3. To create auditable reports of data access using the IBM Guardium product, the administrator would do which of the following?
  • All standard reports are considered auditable.
  • Develop a custom report and turn on Audit Locking to assure the results cannot be tampered with.
  • Use the Audit Process Builder feature to automate the reporting process. ✔
  • Export standard access logs to Excel or another reporting tool for sorting and processing.
4. True or False: The IBM Guardium monitoring application is capable of monitoring activities in non-relational databases such as Hadoop, Cognos, and Spark.
  • True ✔
  • False
5. At a minimum, which 3 entities should be captured in any event log?
  • When the activity took place. ✔
  • Which database tables were associated with the activity.
  • Who or what committed the activity. ✔
  • Whether the attempted activity was completed successfully.
  • What activity took place. ✔
6. True or False: In the IBM Guardium data monitoring tool, the number of failed login attempts that would trigger an alert is always counted since the last successful login.
  • True
  • False ✔
7. Which activity should be considered suspicious and might indicate inappropriate activity is being attempted?
  • A known user attempts to run invalid SQL statements against data his ID is authorized to access.
  • A user routinely enters the incorrect password once or twice before entering the correct password for his account.
  • Data accessed by an accounting application dramatically increases in the last few days of every month.
  • Attempts are made to access data using nonstandard tools, such as MS Excel or MS Access, rather than through the application the data belongs to. ✔
8. Which two (2) activities should be considered suspicious and warrant further investigation?
  • owner. ✔
  • An authorized user attempts to run SQL statements with invalid syntax.
  • Use of an Application ID from a hostname that is different from what has been specified by the application owner. ✔
  • It takes an authorized user 3 attempts to enter the correct password.

Introduction to Databases

1. Distributed databases, data warehouses, big data, and File shares are all classified as what?
  • Data models
  • Database types
  • Data source types ✔
  • Data center types
2. Hadoop, MongoDB, and BigTable are all examples of which data source type?
  • Data warehouses
  • Big data databases ✔
  • Distributed databases
  • File Shares
3. Data that has been organized into a formatted repository, typically a database, so its elements can be made addressable, is an example of which data model type?
  • Structureless data
  • Semi-structured data
  • Unstructured data
  • Structured data ✔
4. Which of the following is the primary difference between a flat file database and a relational database?
  • All the data in a relational database is stored in a single table.
  • All the data in a flat file database is stored in a single table. ✔
  • Flat file databases consist of a table that references internally stored files.
  • Flat file databases consist of a table that references externally stored files.
5. In the video Leveraging Security Industry Best Practices, where would you turn to look for help on establishing security benchmarks for your database?
  • Common Vulnerability and Exposures (CVE).
  • Center for Internet Security (CIS). ✔
  • Department of Defense/Defence Information Systems Agency (DoD/DISA).
  • Central Intelligence Agency (CIA).
6. Most of the time, how do users access data?
  • Through an application. ✔
  • Through a database client.
  • Directly from a hardened repository.
  • Directly from a database.
7. True or False: In a vulnerability assessment test, it is not uncommon to fail more than 50% of the tests before the operating system and database are hardened.
  • True ✔
  • False
8. What distinguishes structured data from unstructured data?
  • Structured data is associated with metadata, while unstructured data relies on specialized repositories such as databases.
  • Structured data is harder to access and process than unstructured data.
  • Structured data is data organized into a formatted repository, making it easily addressable, whereas unstructured data lacks any form of organization. ✔
  • Structured data is the least organized and hardest to understand, while unstructured data is the most formatted.
9. While data security is an ongoing process, what is the correct order to consider these steps?
  • Real-time Monitor & Protection, Identification & Baseline, Raise the Bar
  • Identification & Baseline, Real-time Monitor & Protection, Raise the Bar
  • Identification & Baseline, Raise the Bar, Real-time Monitor & Protection ✔
  • Raise the Bar, Identification & Baseline, Real-time Monitor & Protection
10. To automatically terminate a session if an attempt is made to access data in a sensitive table, such as Social Security (SSN) ID numbers, you would set up which type of rule?
  • An Aggregator rule.
  • An Access rule. ✔
  • An Exception rule.
  • An Exclude rule.
11. True or False: Data monitoring products such as IBM Guardium are fully capable of blocking access to sensitive data based upon access parameters configured in policy rules.
  • True ✔
  • False
12. True or False: Data monitoring tools such as IBM Guardium are designed to monitor activities within a database, but external products, such as a privileged identity management (PIM) tool would be required to monitor changes to the data monitoring tool itself, such as the addition of new users or the alteration of existing user accounts.
  • True
  • False ✔
13. True or False: In the IBM Guardium data monitoring tool, it is possible to create a report that shows not only how many SQL unauthorized access attempts were made by an individual, but also exactly which SQL statements were disallowed.
  • True ✔
  • False
14. Which activity should be considered suspicious and might indicate inappropriate activity is being attempted?
  • A known user attempts to run invalid SQL statements against data his ID is authorized to access.
  • Data accessed by an accounting application dramatically increases in the last few days of every month.
  • A user routinely enters the incorrect password once or twice before entering the correct password for his account.
  • Attempts are made to SELECT lists of usernames and passwords by a non-administrator account. ✔

Module 4 – Deep Dive – Injection Vulnerability

Injection Vulnerability

1. Which operating system is susceptible to OS Command Injection attacks?
  • Linux
  • Windows
  • MacOS
  • All operating systems are susceptible. ✔
2. What is a possible impact of running commands through OS shell interpreters such as sh, bash, cmd.exe and powershell.exe?
  • It makes it more difficult for a hacker to inject additional commands or arguments.
  • Powershell.exe is resistant to OS Injection attacks but sh, bash and cmd.exe have no built-in security.
  • It makes it easier for a hacker to inject additional commands or arguments. ✔
3. True or False: Safe coding practice avoids using OS commands whenever possible.
  • True ✔
  • False
4. True or False: Safe coding practice always runs commands through a shell interpreter.
  • True
  • False ✔
5. True or False: Safe coding practice uses library functions when running OS commands.
  • True ✔
  • False
6. True or False: Safe coding practice uses blacklists and avoids the use of whitelists.
  • True
  • False ✔
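Questions 2-6 above describe the safe pattern in words: do not hand user input to a shell, call the program by argv (ideally by explicit path), validate input against an allowlist, and prefer a library call to an external command at all. The following added example (not course code) puts the vulnerable and the hardened form side by side. To stay portable and harmless it uses the Python interpreter's own absolute path as the stand-in for the external program; `nslookup` appears only in a string that is never executed, and the hostnames are sample values.

```python
import re
import subprocess
import sys

# Allowlist of what a hostname may contain: letters, digits, hyphen and dots,
# with RFC 1035 label/length limits. Shell metacharacters (; | & $ ` ( ) space,
# newline) can never match, so they are rejected rather than "escaped".
HOSTNAME_RE = re.compile(
    r"^(?=.{1,253}$)[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?"
    r"(?:\.[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?)*$")

def validate_hostname(value: str) -> bool:
    return bool(HOSTNAME_RE.match(value))

def vulnerable_command(host: str) -> str:
    """The unsafe pattern: user input concatenated into one string that would be
    handed to a shell (subprocess.run(cmd, shell=True)). Returned, not run."""
    return f"nslookup {host}"

# Explicit, absolute path to the program (Q2 of the next section: never rely on
# PATH lookup). sys.executable stands in for /usr/bin/nslookup in this example.
PROGRAM = [sys.executable, "-c", "import sys; print(sys.argv[1])"]

def run_argv(host: str) -> str:
    """Safe invocation: argv list, no shell interpreter in between. Whatever the
    string contains arrives at the program as a single argument, i.e. as data."""
    result = subprocess.run(PROGRAM + [host], capture_output=True, text=True, check=True)
    return result.stdout.rstrip("\n")

def safe_lookup(host: str) -> str:
    """Allowlist first, then argv execution. Both layers are independent."""
    if not validate_hostname(host):
        raise ValueError("hostname contains characters outside the allowlist")
    return run_argv(host)

if __name__ == "__main__":
    payload = "example.com; id"
    print(vulnerable_command(payload))   # a shell would run 'id' as a second command
    print(run_argv(payload))             # the whole string is one argument, nothing executes
    try:
        safe_lookup(payload)
    except ValueError as e:
        print("rejected:", e)
```

In a real lookup service the library-call advice from Q5 means not running `nslookup` at all: `socket.getaddrinfo()` resolves a name without spawning any process, which removes the injection surface entirely rather than defending it.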

SQL Injection

1. A hacker tailoring his actions based on the database errors the application displays is an example of which type of SQL Injection attack?
  • Blind injection
  • Error-based ✔
  • UNION-based
  • Out of Band
2. True or False: Use of prepared statements is an effective mitigation against SQL Injection attacks because it separates the query structure from the query parameters.
  • True ✔
  • False
3. True or False: Native database errors should be hidden from the user to prevent hackers from gaining insight into the internal structure of your application.
  • True ✔
  • False
4. True or False: The use of object-relational mapping (ORM) libraries is a dangerous practice that can help hackers conduct successful SQL Injection attacks.
  • True
  • False ✔
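The four SQL Injection questions above (error-based and UNION-based attacks, prepared statements, hiding native errors) can all be shown against one in-memory SQLite table. This is an added example, not course material; the table, the two users and the password hashes are constructed, and the payloads are the classic ones for each attack class.

```python
import sqlite3

def make_db() -> sqlite3.Connection:
    """Constructed sample data: two users with placeholder password hashes."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, password_hash TEXT)")
    conn.executemany("INSERT INTO users (username, password_hash) VALUES (?, ?)",
                     [("alice", "h1"), ("bob", "h2")])
    return conn

def find_user_vulnerable(conn, username: str):
    """String concatenation: the input becomes part of the query's structure."""
    query = f"SELECT id, username FROM users WHERE username = '{username}'"
    return conn.execute(query).fetchall()

def find_user_safe(conn, username: str):
    """Prepared statement: structure is fixed, the value is bound separately,
    so quotes, OR and UNION in the input are only compared, never parsed."""
    return conn.execute("SELECT id, username FROM users WHERE username = ?",
                        (username,)).fetchall()

def probe_error_vulnerable(conn, username: str) -> str:
    """What an error-based attacker sees when the app echoes the driver error."""
    try:
        find_user_vulnerable(conn, username)
        return ""
    except sqlite3.Error as e:
        return str(e)                      # leaks parser/dialect details

def lookup_with_generic_error(conn, username: str):
    """Q3: keep native errors server-side; the caller gets a neutral message."""
    try:
        return find_user_safe(conn, username)
    except sqlite3.Error:
        # log the real exception here for operators; never return it
        return "lookup failed"

TAUTOLOGY = "' OR '1'='1"                                    # bypass the WHERE clause
UNION_DUMP = "' UNION SELECT id, password_hash FROM users --"   # read another column

if __name__ == "__main__":
    db = make_db()
    print(find_user_vulnerable(db, TAUTOLOGY))    # both users
    print(find_user_vulnerable(db, UNION_DUMP))   # ids and password hashes
    print(probe_error_vulnerable(db, "'"))        # raw SQLite error text
    print(find_user_safe(db, TAUTOLOGY))          # []
```

The safe function returns an empty list for every payload because the bound value is compared as a literal string; the same payloads against the concatenated query return every row or dump the hash column. ORMs (Q4) are safe for the same reason: they emit bound parameters, and only become dangerous when a developer drops back to raw string formatting inside them.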

Software Vulnerabilities

1. What happens in a file inclusion attack?
  • An attacker uses a web application to send a browser-side script to another user.
  • An attacker sends more data to a web application than the memory buffer can handle.
  • An attacker uploads a file to a web application without proper validation. ✔
  • An attacker places malicious code into an SQL statement through a web page.
Strictly, a file inclusion attack (local or remote file inclusion) abuses a file path the application includes from user input; an unvalidated upload is the closest option offered and is how the included file is often planted.
2. How can you view a complete list of an application’s pages and subpages that OWASP ZAP indexed during a scan?
  • Click the History tab in the Information window.
  • Click the Quick Start tab in the Workspace window.
  • Expand Sites in the Tree window. ✔
  • Select ATTACK Mode from the list of modes.
3. You and a team of developers are creating an application and collaborating on the project using a GitHub repository. You edited the code for one of the project’s files and committed your change. What should you do next?
  • Clone the project.
  • Fork the repository.
  • Issue a pull request. ✔
  • Merge your code with the repository.
4. You just used Snyk to scan several GitHub repositories. One of the repositories is named itsarepo, and you’re especially interested in the results from scanning a file in that repository named buggycode.py. Where in Snyk could you find a detailed breakdown of this file’s vulnerabilities such as “Container is running without privilege escalation control”?
  • Integrations > Vulnerability management > Vulcan
  • Projects > itsarepo > buggycode.yaml > Settings icon > GitHub integration
  • Projects > itsarepo > buggycode.yaml > Issues ✔
  • Integrations > GitHub > itsarepo > buggycode.py

Deep Dive – Injection Vulnerability

1. Which vulnerability is being exploited in an OS Command Injection attack?
  • Improperly configured security settings in the MySQL database.
  • Poor user input sanitation and unsafe execution of OS commands. ✔
  • Vulnerabilities in the operating system shell interpreter.
  • Vulnerabilities in the operating system kernel.
2. What is a simple but effective way to protect against DLL hijacking?
  • Avoid using DLL libraries in commercial applications where security is a concern.
  • Write-protect the folders that contain your libraries.
  • Always use explicit paths to the commands or library applications. ✔
  • Use only hijack resistant open-source libraries whenever possible.
3. True or False: Safe coding practice runs code with the least possible privilege.
  • True ✔
  • False
4. True or False: Safe coding practice always specifies relative paths when running applications or using shared libraries.
  • True
  • False ✔
5. True or False: Safe coding practice does not let user input reach an OS command unchanged.
  • True ✔
  • False
6. A hacker exfiltrating data by injecting an HTTP request command is an example of which type of SQL Injection attack?
  • UNION-based
  • Blind injection
  • Error-based
  • Out of Band ✔
7. True or False: Limiting database user permissions is an ineffective strategy in preventing SQL Injection attacks since the injected code will run directly against the database regardless of the permission levels that have been set.
  • True
  • False ✔
8. Which of the following will help reduce the SQL Injection attack surface?
  • Direct use of native operating system commands.
  • Showing users the exact nature of database input errors.
  • Direct SQL execution from user input values.
  • Use of stored procedures. ✔
9. When developing an application, using NoSQL instead of MySQL will have what effect on the application's susceptibility to SQL Injection attacks?
  • It will have no impact on the risk of an injection attack.
  • It will eliminate the injection attack surface.
  • It will increase the risk of an injection attack.
  • It will reduce, but not eliminate, the injection attack surface. ✔
10. You work at a software development company. The development team incorporates security checks throughout software development, and all their code passes them. But you want extra assurance that the applications that they develop can withstand real-world cyberattacks. You want to simulate real hacking techniques to identify any remaining vulnerabilities. What cyberdefense method should you use?
  • Security monitoring
  • System information event management
  • Dynamic application security testing
  • Penetration testing ✔
11. How can you view a complete list of all vulnerabilities that OWASP ZAP detected while scanning an application?
  • Click the Request tab in the Workspace window.
  • Expand Sites in the Tree window.
  • Select Protected Mode from the list of modes.
  • Click the Alerts tab in the Information window. ✔
12. You find a public GitHub repository for an application and would like to use and modify the application’s code for your own project. However, you need to do so without impacting the current repository. What should you do?
  • Access your list of GitHub repositories, and then click Projects.
  • Access the repository’s web page, and then click Pull requests.
  • Access the repository’s web page, and then click Fork. ✔
  • Access your list of GitHub repositories, and then click Sort.
13. You’re the project manager for a development team working on code in a GitHub repository. You use Snyk to scan the repository for vulnerabilities. Snyk identifies only one vulnerability, “Container has no CPU limit”, and marks the vulnerability as low severity. The fix for this issue is currently in development, but you don’t know when it will be ready. What should you do next on the file’s Overview page?
  • Click Ignore, click Not vulnerable, type a comment in the comment field, and then click Save.
  • Click Ignore, click Ignore permanently, and then click Save.
  • Click Ignore, click Ignore temporarily, select the Until fix is available checkbox, and then click Save. ✔
  • Click Ignore, click Not vulnerable, and then click Save. 
