Q & A
The answers to these questions appear in Appendix A. For more practice with exam format questions, use the Pearson Test Prep software online.
Which of the following involves an unauthorized individual searching and attempting to collect sensitive information from the trash?
Which of the following is a technique that is executed using disassemblers and decompilers to translate an app’s binary code or bytecode back into a more or less understandable format?
Static and dynamic binary analysis
Static and dynamic source code analysis
Binary patching, or “modding”
Binary code injection
Which of the following is a sandbox built in the Linux kernel to only allow the write(), read(), exit(), and sigreturn() system calls?
Which of the following statements is not true?
Modern web browsers provide sandboxing capabilities to isolate extensions and plugins.
HTML5 has a sandbox attribute for use with iframes.
Java virtual machines include a sandbox to restrict the actions of untrusted code, such as a Java applet.
Microsoft’s .NET Common Language Runtime cannot enforce restrictions on untrusted code.
Which of the following can attackers use to capture every keystroke of a user in a system and steal sensitive data (including credentials)?
Which of the following functionalities can an attacker abuse to try to elevate privileges if the service is running under SYSTEM privileges?
Unquoted service paths
Unquoted PowerShell scripts
Writable SYSTEM services using the GetSystemDirectory function
Cross-site scripting (XSS)
Which of the following is not a place where Windows stores password hashes?
PowerShell hash store
Which of the following is an open source tool that allows an attacker to retrieve user credential information from the targeted system and potentially perform pass-the-hash and pass-the-ticket attacks?