|
0,1,2,3,4,5,correct,choiceA_probs,choiceB_probs,choiceC_probs,choiceD_probs |
|
Which of the following styles of fuzzer is more likely to explore paths covering every line of code in the following program?,Generational,Blackbox,Whitebox,Mutation-based,C,False,0.2785254120826721,0.2169158160686493,0.1490839272737503,0.2169158160686493 |
|
|
|
|
|
,,,,,A,False,0.18936975300312042,0.2755313515663147,0.16711822152137756,0.18936975300312042 |
|
MIT’s Kerberos KDC server has a maximum ticket lifetime of 24 hours (for most user principals). What ensures that an expired Kerberos ticket can no longer be used?,The Kerberos server (KDC) refuses to establish new connections between clients and servers for expired tickets.,,,,C,False,0.2484777718782425,0.3615330159664154,0.1707761138677597,0.1707761138677597 |
|
,Receiver,Sender,Modulor,Translator,A,True,0.23060816526412964,0.23060816526412964,0.1584945172071457,0.20351098477840424 |
|
Which of the following is a remote Trojan?,Troya,DaCryptic,BankerA,Game-Troj,A,False,0.1746160387992859,0.2878931760787964,0.2540648281574249,0.1746160387992859 |
|
______________ is a widespread app’s coding mistake made by developers which could be exploited by an attacker for gaining access or malfunctioning your system.,Memory leakage,Buffer-overrun,Less processing power,Inefficient programming,B,True,0.022731473669409752,0.35558009147644043,0.013787336647510529,0.017703289166092873 |
|
,all instructions that modify segment state,all loads or stores to addresses that are not 0 mod 32,all indirect loads or stores (via an address in a register or variable),all indirect jumps (via an address in a register or variable),A,False,0.11694100499153137,0.1501552313566208,0.17014816403388977,0.28052690625190735 |
|
____________ is also a part of darknet that is employed for transferring files anonymously.,Freenet,ARPANET,Stuxnet,Internet,A,False,0.11916402727365494,0.2226276993751526,0.17338262498378754,0.3239213824272156 |
|
,No string boundary checks in predefined functions,No storage check in the external memory,No processing power check,No database check,A,True,0.41323065757751465,0.2506370544433594,0.07180871814489365,0.10448107123374939 |
|
Man in the middle attack can endanger the security of Diffie Hellman method if two parties are not,Joined,Authenticated,Submitted,Shared,B,True,0.14760923385620117,0.31248876452445984,0.1672631800174713,0.2757703363895416 |
|
An integer overflow occurs when,,an integer is used as if it was a pointer,an integer is used to access a buffer outside of the buffer's bounds,there is no more space to hold integers in the program,D,False,0.32222700119018555,0.2214631587266922,0.1724756807088852,0.15220925211906433 |
|
"Let $H$ be a Merkle-Damgard hash function $H: X^{\leq L} \to T$. Construct a MAC from this $H$ as follows: $S(k,m) = H(k \| m)$. This MAC is insecure because:",Given $H(k \| m)$ anyone can compute $H(w \| k \| m \| \text{PB})$ for any $w$,Given $H(k \| m)$ anyone can compute $H(k \| m \| w)$ for any $w$,Given $H(k \| m)$ anyone can compute $H(k \| m \| \text{PB} \| w)$ for any $w$,Anyone can compute $H(k \| m)$ for any $m$,C,False,0.19612134993076324,0.3233494460582733,0.2518247961997986,0.19612134993076324 |
|
"Suppose that Alice and Bob sent confidential text messages to one another last month through an encrypted messaging system. Alice and Bob are worried that an adversary might compromise one of their computers today, while they are taking the 6.858 final exam, and would then be able to decrypt those messages. Which of the following security properties can address Alice and Bob’s concern?",Authentication.,Deniability.,Forward secrecy,Backward secrecy.,C,False,0.1005302146077156,0.24115945398807526,0.21282246708869934,0.18781517446041107 |
|
"The AH Protocol provides source authentication and data integrity, but not",Integrity,Privacy,Nonrepudiation,Both A & C,B,False,0.151248961687088,0.19420750439167023,0.22006593644618988,0.3201940357685089 |
|
Which of the following is not a security exploit?,Eavesdropping,Cross-site scripting,Authentication,SQL Injection,C,False,0.13591785728931427,0.22409063577651978,0.17452196776866913,0.3694629967212677 |
|
_______________ is the central node of 802.11 wireless operations.,WPA,Access Point,WAP,Access Port,B,True,0.10348918288946152,0.6748342514038086,0.03807154297828674,0.03359801694750786 |
|
In MD-5 the length of the message digest is,160,128,64,54,B,True,0.1224069818854332,0.29363909363746643,0.10802379250526428,0.1224069818854332 |
|
What is Nmap?,"It is a scanner which works by injecting packets to a range of addresses, and inferring what hosts and services might be at those addresses, based on the responses",It is a network fuzz testing tool,It is a map of the Internet,"It is a suite of tools for scripting attacks: probe, construct, encode, inject, wait for response",A,False,0.06874269992113113,0.10002005100250244,0.08826737850904465,0.6522126197814941 |
|
How do you prevent SQL injection?,Escape queries,Interrupt requests,Merge tables,All of the above,A,False,0.02982151135802269,0.02982151135802269,0.02631738968193531,0.11794634908437729 |
|
"What does it mean to ""be stealthy"" during a penetration test?",Performing the tests from an undisclosed location,Using encryption during tests to make the source of attacks impossible to determine,Performing penetration testing without the target organization knowing,"Taking care to avoid activities during a penetration test that might attract attention, e.g., by operators or IDS services",D,True,0.003850761568173766,0.08764293044805527,0.077344611287117,0.7338252663612366 |
|
Which of the following is not a transport layer vulnerability?,"Mishandling of undefined, poorly defined variables",The Vulnerability that allows “fingerprinting” & other enumeration of host information,Overloading of transport-layer mechanisms,Unauthorized network access,D,True,0.11367420107126236,0.2406482994556427,0.21237137913703918,0.3501411974430084 |
|
"In Brumley and Boneh’s paper on side-channel attacks, why does blinding prevent the timing attack from working?","Blinding prevents the server from using the CRT optimization, which is essential to the timing attack.","Blinding changes the p and q primes that are used, so an adversary cannot learn the server’s true p and q values.","Blinding randomizes the ciphertext being decrypted, thus obscuring the correlation between an adversary’s input and the timing differences.","Blinding adds a random amount of time to the decryption due to the multiplication and division by the blinding random value r, which obscures the timing differences used in the attack.",C,True,0.022650139406323433,0.21489852666854858,0.40148329734802246,0.27593517303466797 |
|
"The OpenSSL implementation described in “Remote Timing Attacks are Practical” (by Brumley and Boneh) uses the following performance optimizations: Chinese Remainder (CR), Montgomery Representation (MR), Karatsuba Multiplication (KM), and Repeated squaring and Sliding windows (RS). Which of the following options would close the timing channel attack described in the paper if you turned the listed optimizations off? |
|
1. RS and KM |
|
2. RS and MR","True, True","False, False","True, False","False, True",D,True,0.082692950963974,0.15449075400829315,0.1983700543642044,0.22478272020816803 |
|
Public key encryption is advantageous over Symmetric key Cryptography because of,Speed,Space,Key exchange,Key length,C,True,0.11926998198032379,0.19664296507835388,0.28611379861831665,0.28611379861831665 |
|
The __________ was a huge Dark Web marketplace, famous specifically for selling illegal drugs & narcotics, where you could also find a wide range of other goods for sale.,Silk Road,Cotton Road,Dark Road,Drug Road,A,True,0.7506651282310486,0.054378002882003784,0.012133372016251087,0.017653953284025192 |
|
The ______________ is categorized as an unknown segment of the Deep Web which has been purposely kept hidden & is inaccessible using standard web browsers.,Haunted web,World Wide Web,Dark web,Surface web,C,True,0.0017779716290533543,0.0588783361017704,0.8127903342247009,0.013137531466782093 |
|
What does EXE do when the STP solver times out on a constraint query for a particular path?,Assume that the query is satisfiable and continue executing the path.,Assume that the query is not satisfiable and stop executing the path,"Restart STP and retry the query, up to a limited number of retries.",Remove a subset of the constraints and retry the query.,B,False,0.08892427384853363,0.27390605211257935,0.451594740152359,0.1141810342669487 |
|
To verify a digital signature we need the,Sender’s Private key,Sender’s Public key,Receiver’s Private key,Receiver’s Public key,B,True,0.1912580132484436,0.3573170006275177,0.13144958019256592,0.16878460347652435 |
|
Suppose you want to use fuzzing on a program to try to find memory errors; which of the following statements is true?,"You should not use a grammar-based fuzzer, because its adherence to the grammar means it will not find memory errors",Compiling the program with address sanitizer (ASAN) will make errors harder to reproduce,Compiling the program with address sanitizer (ASAN) will make the source of a memory error easier to find,"Fuzzing doesn't find memory errors, it finds crashes and hangs |
|
Based on the paper “SoK: SSL and HTTPS: Revisiting past challenges and evaluating certificates trust model enhancements”, which of the following statements are false? |
|
|
|
|
|
Suppose Unix did not provide a way of passing file descriptors between processes, but still allowed inheriting file descriptors from a parent on fork and exec. What aspects of the OKWS design would break without file descriptor passing? |
|
1. It would be impossible for services to get a TCP connection to the client web browser. |
|
2. It would be impossible for okd to run as a non-root user. True, True; False, False; True, False; False, True |
|
|
|
|
|
When does a buffer overflow occur, generally speaking? when the program notices a buffer has filled up, and so starts to reject requests |
|
|
|
|
|
Let $I = (S,V)$ be a MAC. Suppose $S(k,m)$ is always 5 bits long. Can this MAC be secure? No, an attacker can simply guess the tag for messages; Yes, the attacker cannot generate a valid tag for any message; Yes, the PRG is pseudorandom |
|
|
|
|
|
When a wireless user authenticates to any AP, both of them go in the course of four-step authentication progression which is called _____________ |
|
|
|
|
|
Assume that a TLS connection has been established successfully between a client and a server. Establishing the session included checking the server certificate and executing a Diffie-Hellman exchange, but the client did not provide a client certificate. Further, assume that the client and server are honest, that the client and server don’t leak their keys, and that the cryptography is good. Which of the following attacks does TLS protect against? |
|
1. An attacker replacing bytes sent by a client with bytes of the attacker’s own choosing. |
|
2. An attacker reading the plaintext bytes sent by a client. True, True; False, False; True, False; False, True |
|
|
|
|
|
|
|
A piece of software that makes a web application look like a standalone application, making it easier to test; A simulator for the web, for use when off-line |
|
|
|
C, Ruby; Python, Ruby; C, C++; Tcl, C# |
|
Encryption and decryption provide secrecy, or confidentiality, but not |
|
|
|
|
|
It only makes sense for file-based fuzzing, not network-based fuzzing |
|
Port, network, and services; Network, vulnerability, and port; Passive, active, and interactive; Server, client, and network |
|
A sender must not be able to deny sending a message that was sent, is known as |
|
|
|
|
|
|
|
By changing the name of the running executable, stored on the stack |
|
|
|
Let $F: K \times R \to M$ be a secure PRF. For $m \in M$ define $E(k,m) = \big[ r \gets R,\ \text{output } \big(r,\ F(k,r) \oplus m\big)\ \big]$. Is $E$ semantically secure under CPA? Yes, whenever F is a secure PRF; No, there is always a CPA attack on this system; Yes, but only if R is large enough so r never repeats (w.h.p) |
|
|
|
An attack that continuously repeats, probing for a weakness; The attacker resends a captured message, and the site accepts it and responds in the attacker's favor",D,True,0.03757142275571823,0.1908034384250641,0.06194480508565903,0.5877159833908081 |
|
Statement 1| A U2F USB dongle prevents malware on the user’s computer from stealing the user’s second factor to authenticate as that user even when the user’s computer is turned off. Statement 2| A server using U2F can reliably determine that the user who is attempting to login is indeed behind the computer that sent the login request.,"True, True","False, False","True, False","False, True",C,False,0.1561911553144455,0.2918034791946411,0.1378381997346878,0.22725677490234375 |
|
____________________ is the anticipation of unauthorized access or break to computers or data by means of wireless networks.,Wireless access,Wireless security,Wired Security,Wired device apps,B,True,0.06333772093057632,0.4680059552192688,0.03390223905444145,0.038416266441345215 |
|
Which of the following are benefits of penetration testing?,Results are often reproducible,Full evidence of security: a clean test means a secure system,Compositionality of security properties means tested components are secure even if others change,Makes an adversarial neural network converge more quickly,A,True,0.2654881775379181,0.0976676419377327,0.06712591648101807,0.12540775537490845 |
|
1. _________ framework made cracking of vulnerabilities easy like point and click.,.Net,Metasploit,Zeus,Ettercap,B,True,0.10994789749383926,0.4927522838115692,0.1245872899889946,0.1245872899889946 |
|
You are given a message (m) and its OTP encryption (c). Can you compute the OTP key from m and c ?,"No, I cannot compute the key.","Yes, the key is k = m xor c.",I can only compute half the bits of the key.,"Yes, the key is k = m xor m.",B,True,0.009627523832023144,0.8666420578956604,0.017986580729484558,0.07113831490278244 |
|
"The OpenSSL implementation described in “Remote Timing Attacks are Practical” (by Brumley and Boneh) uses the following performance optimizations: Chinese Remainder (CR), Montgomery Representation (MR), Karatsuba Multiplication (KM), and Repeated squaring and Sliding windows (RS). Which of the following options would close the timing channel attack described in the paper if you turned the listed optimizations off? |
|
1. CR and MR |
|
2. CR","True, True","False, False","True, False","False, True",A,False,0.060405001044273376,0.16419780254364014,0.14490406215190887,0.21083416044712067 |
|
"When the data must arrive at the receiver exactly as they were sent, it's called",Message Confidentiality,Message Integrity,Message Splashing,Message Sending,B,True,0.14812244474887848,0.3135751783847809,0.061746612191200256,0.13071759045124054 |
|
What is the difference between a direct leak and a side channel?,"A direct leak creates a denial of service by failing to free memory, while a channel frees memory as a side effect","A direct leak is one that is intentional, rather than unintentional","A direct leak comes via the software system's intended interaction mechanism, whereas a side channel leak comes from measurements of other system features, like timing, power usage, or space usage |
|
|
|
It is a sequence of nops preceding injected shellcode, useful when the return address is unknown |
|
|
|
Based on the paper “Click Trajectories: End-to-End Analysis of the Spam Value Chain”, which of the following statements are true? “Spammers” here refer to operators of various parts of the “spam value chain.” |
|
In a _____________ attack, the extra data that holds some specific instructions in the memory for actions is projected by a cyber-criminal or penetration tester to crack the system. |
|
|
|
___________________ is similar to an Access Point (AP) from 802.11, & mobile operators use it for offering signal coverage. |
|
|
|
|
|
Suppose a search box of an application can take at most 200 words, and you’ve inserted more than that and pressed the search button; the system crashes. Usually this is because of limited __________ |
|
|
|
Active, inactive, standby; Open, half-open, closed; Open, filtered, unfiltered; Active, closed, unused |
|
|
|
As a stack-allocated variable, it could have different addresses depending on when its containing function is called |
|
|
|
Yes, if the PRG is really “secure”; No, there are no ciphers with perfect secrecy; Yes, every cipher has perfect secrecy; No, since the key is shorter than the message |
|
|
|
|
|
A _________________ may be a hidden part of a program, a separate infected program, a Trojan in disguise of an executable, or code in the firmware of any system’s hardware. |
|
|
|
|
|
Suppose Unix did not provide a way of passing file descriptors between processes, but still allowed inheriting file descriptors from a parent on fork and exec. What aspects of the OKWS design would break without file descriptor passing? |
|
1. It would be impossible for services to send messages to oklogd. |
|
2. It would be impossible for services to get a TCP connection to a database proxy. True, True; False, False; True, False; False, True |
|
|
|
Confidentiality, Integrity, Non repudiation and Authentication; Confidentiality, Access Control, Integrity, Non repudiation; Authentication, Authorization, Availability, Integrity; Availability, Authorization, Confidentiality, Integrity |
|
|
|
The ______________ can cost you money, by sending text messages from your mobile phone numbers. |
|
|
|
|