100% satisfaction guarantee Immediately available after payment Both online and in PDF No strings attached
logo-home
WGU C836 Task 1 Updated 2024 with complete solution $15.99   Add to cart

Exam (elaborations)

WGU C836 Task 1 Updated 2024 with complete solution

 9 views  0 purchase
  • Course
  • WGU C836
  • Institution
  • WGU C836

WGU C836 Task 1 Updated 2024 with complete solution

Preview 2 out of 6  pages

  • October 7, 2024
  • 6
  • 2024/2025
  • Exam (elaborations)
  • Questions & answers
  • WGU C836
  • WGU C836
avatar-seller
Americannursingaassociation
WGU C836 Task 1 Updated 2024 with complete solution


bounds checking - ANSWERto set a limit on the amount of data we expect to receive to
set aside storage for that data
*required in most programming languages
* prevents buffer overflows

race conditions - ANSWERvulnerability occur when two computer program processes,
or threads, attempt to access the same resource at the same time and cause problems
in the system.

input validation - ANSWERThis vulnerability is caused when the product does not
validate or incorrectly validates input that can affect the control flow or data flow of a
program.

format string attack - ANSWERa type of input validation attacks in which certain print
functions within a programming language can be used to manipulate or view the internal
memory of an application

authentication attack - ANSWERA type of attack that can occur when we fail to use
strong authentication mechanisms for our applications

authorization attack - ANSWERA type of attack that can occur when we fail to use
authorization best practices for our applications

cryptographic attack - ANSWERA type of attack that can occur when we fail to properly
design our security mechanisms when implementing cryptographic controls in our
applications

client-side attack - ANSWERA type of attack that takes advantage of weaknesses in the
software loaded on client machines or one that uses social engineering techniques to
trick us into going along with the attack

XSS (Cross Site Scripting) - ANSWERan attack carried out by placing code in the form
of a scripting language into a web page or other media that is interpreted by a client
browser

XSRF (cross-site request forgery) - ANSWERan attack in which the attacker places a
link on a web page in such a way that it will be automatically executed to initiate a
particular activity on another web page or application where the user is currently
authenticated

, clickjacking - ANSWERAn attack that takes advantage of the graphical display
capabilities of our browser to trick us into clicking on something we might not otherwise

server-side attack - ANSWERtarget vulnerabilities such as lack of input validation,
improper or inadequate permissions, or extraneous files left on the server from the
development process

Lack of input validation - ANSWERStructured Query Language (SQL) injection gives us
a strong example of what might happen if we do not properly validate the input of our
Web applications.

Extraneous Files - ANSWERunnecessary files that aren't cleaned up when the
application moves from development to production. Leaving files may be handing
attackers materials they need to compromise the system.

Protocol issues, unauthenticated access, arbitrary code execution, and privilege
escalation - ANSWERName the 4 main categories of database security issues

web application analysis tool - ANSWERA type of tool that analyzes web pages or web-
based applications and searches for common flaws such as XSS or SQL injection flaws,
and improperly set permissions, extraneous files, outdated software versions, and many
more such items

protocol issues - ANSWERunauthenticated flaws in network protocols, some common
software development issues, such as buffer overflows.

arbitrary code execution - ANSWERSecurity flaw in scripting languages used to talk to
database, generally these are concentrated on SQL.
allows the attacker to execute commands on a user's computer.

Privilege Escalation - ANSWERAn attack that exploits a vulnerability in software to gain
administrative access to resources that the user normally would be restricted from
accessing.
* via SQL injection or local issues

validating user inputs - ANSWERa security best practice for all software
* the most effective way of mitigating SQL injection attacks

Nikto (and Wikto) - ANSWERA web server analysis tool that performs checks for many
common server-side vulnerabilities & creates an index of all the files and directories it
can see on the target web server (a process known as spidering)

burp suite - ANSWERWeb analysis tool for penetration, identifies vulnerabilities, and
verify attack vector that affect web applications

The benefits of buying summaries with Stuvia:

Guaranteed quality through customer reviews

Guaranteed quality through customer reviews

Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.

Quick and easy check-out

Quick and easy check-out

You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.

Focus on what matters

Focus on what matters

Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!

Frequently asked questions

What do I get when I buy this document?

You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.

Satisfaction guarantee: how does it work?

Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.

Who am I buying these notes from?

Stuvia is a marketplace, so you are not buying this document from us, but from seller Americannursingaassociation. Stuvia facilitates payment to the seller.

Will I be stuck with a subscription?

No, you only buy these notes for $15.99. You're not tied to anything after your purchase.

Can Stuvia be trusted?

4.6 stars on Google & Trustpilot (+1000 reviews)

80796 documents were sold in the last 30 days

Founded in 2010, the go-to place to buy study notes for 14 years now

Start selling
$15.99
  • (0)
  Add to cart