Which of the following BEST describes a SQL Injection attack?

An attacker attempted to compromise a web form by inserting the following input into the username
field: admin)(|(password=*))
Which of the following types of attacks was attempted?

Which of the following application attacks is used against a corporate directory service where there are
unknown servers on the network?

Sara, a hacker, is completing a website form to request a free coupon. The site has a field that limits the
request to 3 or fewer coupons. While submitting the form, Sara runs an application on her machine to
intercept the HTTP POST command and change the field from 3 coupons to 30.
Which of the following was used to perform this attack?

A malicious individual is attempting to write too much data to an application’s memory. Which of the
following describes this type of attack?

Data execution prevention is a feature in most operating systems intended to protect against which type
of attack?

Which of the following application attacks is used to gain access to SEH?

While opening an email attachment, Pete, a customer, receives an error that the application has
encountered an unexpected issue and must be shut down. This could be an example of which of the
following attacks?

A server administrator notes that a legacy application often stops running due to a memory error. When
reviewing the debugging logs, they notice code being run calling an internal process to exploit the
machine. Which of the following attacks does this describe?

Which of the following was launched against a company based on the following IDS log?
122.41.15.252 – – [21/May/2012:00:17:20 +1200] “GET
/index.php?username=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAA HTTP/1.1″ 200 2731 “http://www.company.com/cgibin/
forum/commentary.pl/noframes/read/209″ “Mozilla/4.0 (compatible;
MSIE 6.0; Windows NT 5.1; Hotbar 4.4.7.0)”