Explore topic-wise InterviewSolutions in .

Correct choice is (d) Adware

The explanation is: The adware’s functions may be intended to ANALYZE a VICTIM’s LOCATION & what different Internet SITES he/she is visiting. Creators of adware also sell your browsing BEHAVIOUR & information to 3^rd parties.

Right choice is (d) Adware

The BEST explanation: The unwanted software USED to PITCH ads on the user’s screen is the adware, displayed most often WITHIN a web BROWSER. Users might invite some bogus virus in his/her system by clicking the adware.

The correct ANSWER is (b) Automatic updates of antivirus

To ELABORATE: Some abnormal symptom found once you click any malicious adware are the automatic opening of new tabs in the browser, changes in a home page, POPPING up of new Search ENGINES on your browser ETC.

The correct choice is (b) Adware

The explanation is: Adwares are unwanted software intended to pitch advertisements UPON the user’s screen, most often WITHIN a web browser. Sometimes, hackers embed MALWARE along with it to compromise systems. So, security professionals treat it as modern-day PUP (potentially unwanted programs).

Correct choice is (c) Cookie SNOOPING

To explain: Cookie Snooping is the ATTACK method for decoding user credentials. Using this technique an attacker can LOG on as a user & gain access to UNAUTHORIZED data.

The correct OPTION is (b) Cryptanalysis

The explanation: Cryptanalysis is the STUDY of cipher-text & CRYPTOSYSTEMS keeping in mind to IMPROVISE the crypto-algorithm by understanding how they work & finding alternate techniques. The rest three are examples of WEB application hacking techniques.

The correct choice is (a) Parameter TAMPERING

For EXPLANATION I would SAY: Parameter tampering takes advantage if hidden FIELDS that work as the only security measure in some APPLICATIONS. Modifying this hidden field value will cause the web application to change according to new data incorporated.

The correct answer is (d) JavaScript

Explanation: Web application HACKING can be defined as the mistreatment of applications through HTTP or HTTPS that can be DONE by manipulating the web application through its graphical web interface. JavaScript is used for injecting CODE for web-app hacking.

Right choice is (c) CRLF

The best explanation: CRLF Injection attack is a special attack done through character elements “CARRIAGE RETURN” or “Line Feed.” EXPLOITATION can be done when an ATTACKER is CAPABLE to inject a CRLF series in an HTTP stream.

Right answer is (a) REVERSE engineering

To explain: Web APPLICATIONS are mistreated VIA HTTP or HTTPS for manipulating the web application through its graphical web interface and this TECHNIQUE is CALLED Web application hacking. Web application threats are command injection, DMZ protocol attack, buffer overflow attack etc.

Right option is (c) Cross Site SCRIPTING

To explain: Cross-site scripting (XSS) is a kind of external injection attack on web-app SECURITY where an attacker injects some abnormal data, such as a malicious code/script to HARM or lower down the REPUTATION of TRUSTED websites.

Right choice is (d) Brute-force

The explanation is: The mistreatment of online services and applications that uses HTTP or HTTPS can be done by manipulating the web APPLICATION through its graphical web INTERFACE. Popular hacking methods are XSS, CSRF, SQLI.

The correct choice is (B) Web application

For explanation: Web application hacking can be defined as the MISTREATMENT of APPLICATIONS through HTTP or HTTPS that can be done by MANIPULATING the web application through its graphical web interface or by TAMPERING the Uniform Resource Identifier (URI).

Correct answer is (c) Reverse ENGINEERING PC apps

The best I can explain: Reverse engineering PC apps is not an EXAMPLE of web application HACKING. STEALING credit card information, reverse engineering PC apps, and exploiting server-side scripting are examples of web application hacking.

The correct answer is (b) Web application

To elaborate: A Web application is a program application that is stored on a remote-server & distributed over the INTERNET when a user uses a BROWSER INTERFACE to request for such applications.

Right option is (a) Using OS or antivirus without updates

Explanation: For defending against WEB server hacking, one needs to scan web server APPLICATIONS for vulnerabilities, make use of SECURE protocols, and follow strict access CONTROL policy.

The correct option is (b) False

The best EXPLANATION: CLEANIISLOG tool is used to clear the log entries in the IIS log files filtered by an IP address. It is a HACKING tool which can help in easily REMOVE all traces of her log file from the server.

Right option is (c) CleanIISLog

The explanation is: IIS (Internet Information Services) is ONE of the most widely used WEB server platform. IIS logs all the visits in LOG files which are located at <%systemroot%>\logfiles. CleanIISLog tool clears the log entries in the IIS log files FILTERED by an IP address.

Correct choice is (d) Password guessing

To ELABORATE: The web servers are ACTUALLY computers running that makes us available & accessible files (web pages) through the internet. Different web server ATTACK types are through DOS attack, website defacement USING SQLi and directory traversal.

Correct choice is (b) ASP TROJAN

Best explanation: ASP Trojan is a TINY SCRIPT that if uploaded to a web server can give hacker complete control of remote PC. ASP Trojan can be easily ATTACHED to web applications creating a backdoor in web server hacking.

Right option is (d) Internet Information Services

To EXPLAIN I would say: WEB servers are actually computers running that makes US available & ACCESSIBLE files (web pages) through the internet. The most widely used web server platform is the IIS (Internet Information Services).

The correct choice is (a) IIS

For EXPLANATION I WOULD say: Websites get hosted on WEB servers. Web servers are actually computers RUNNING that makes us AVAILABLE & accessible files (web pages) through the internet. IIS is one of the most widely used web server platforms.

Right CHOICE is (d) Sessions hijacking

The best explanation: Defacing the web SERVER can be done in various ways by fetching credentials through brute-forcing administrator PASSWORD, through cache poisoning, mail server intrusion, web APP bugs and MANY more.

Correct option is (B) Using network vulnerabilities

Easy explanation: WEBSITES get HOSTED on web servers. Web servers are ACTUALLY computers running that makes us available & ACCESSIBLE files (web pages) through the internet. Various ways that can help compromise a web server are a misconfiguration of network or OS, bugs in web server’s OS etc.

The correct OPTION is (a) True

To explain: Hjksuite TOOL is a collection of programs used for session HIJACKING. It contains a library CALLED hjklib which can help in implementing TCP/IP stack-over hijacking.

Correct ANSWER is (a) T-Sight

Easiest explanation: The session remains valid up to the ending of any COMMUNICATION. Some of the sessions HIJACKING tools are T-Sight, Jiggernaut, IP watcher and Paros HTTP HIJACKER.

Correct choice is (c) Wireshark

The EXPLANATION is: The session depicts the time period in which communication of 2 computer systems takes place. Some of the sessions HIJACKING tools are Jiggernaut, IP watcher and PAROS HTTP Hijacker.

Right answer is (B) physical LEVEL

Best explanation: These are NETWORK level and application level hijacking. In application level session hijacking, hackers gain session ID for taking control of EXISTING session or even create a new unauthorized session.

Right option is (C) Domain Hijacking

The explanation is: The network hijacking is IMPLEMENTED on the data flow of PROTOCOL shared by all web APPLICATIONS. Examples of network level hijacking are TCP/IP hijacking, RST hijacking, blind hijacking UDP hijacking etc.

The correct answer is (a) network level

The explanation is: TCP SESSION hijacking that deals with a security ATTACK on any TARGET victim’s session over a protected network. The network hijacking is implemented on the data flow of protocol SHARED by all web APPLICATIONS.

Right option is (d) two

For explanation: Session Hijacking WORKS based on the PRINCIPLE of SYSTEM’s sessions. Session hijacking takes place at two levels. These are NETWORK LEVEL and application level hijacking.

Correct answer is (c) ACTIVE session HIJACKING

Best explanation: There are 2 TYPES of session hijacking. These are active and passive session hijacking. In an active session hijacking attack, an attacker finds an active session & takes over that session.

Right choice is (b) passive SESSION hijacking

To elaborate: There are 2 types of session hijacking viz. ACTIVE and passive session hijacking. With a passive session hijacking ATTACK, an attacker hijacks a session but do not alter ANYTHING. They just sit back and watch or record all the TRAFFIC and data being sent forth.

Right answer is (a) 2

To elaborate: The session HIJACKING is a form of web attack USUALLY MANAGED with a session token. There are two types of session hijacking. These are active and PASSIVE session hijacking.

Correct option is (b) spoofing

Best explanation: In a spoofing attack, the attacker doesn’t actively TAKE over another user to PERFORM the attack. The most commonly used SESSION hijacking attack is IP spoofing.

Right choice is (d) Hijacking

Explanation: Hijacking is DONE only after the target user has connected to the server. Session hijacking attack is the MISUSE of the web-session that is usually HANDLED with a session token.

Correct OPTION is (c) IP spoofing

For explanation: SESSION HIJACKING is the utilization of a VALID system SESSIONWHICH is usually managed with a token. The most commonly used session hijacking attack is IP spoofing.

The CORRECT choice is (b) Session HIJACKING

For explanation: Session Hijacking attack is the EXPLOITATION of the web-session & its mechanism that is usually managed with a session token. Mostly it is CALLED TCP session hijacking that DEALS with a security attack on any target victim’s session over a protected network.

Correct option is (b) Hardware protocol analyzers

For explanation I WOULD SAY: Sniffing is data interception method which can be done USING hardware also. Hardware protocol analyzers are those devices which can be plugged into your network at the hardware level & it can monitor traffic without MANIPULATING it.

Right option is (d) active

Best explanation: Sniffing is LIKE tapping the phone CALLS & over-heard about any discussion. In active sniffing, the NETWORK TRAFFIC is not only supervised & locked but ALSO be can be altered in different ways to accomplish the attack.

Correct answer is (b) Sniffer tool

To EXPLAIN I would say: A sniffer tool turns your MACHINE’s NIC to the DISSOLUTE mode so that hackers can LISTEN to & observe all your data packets. Hence they can KNOW what type of data is being transmitted and received.