CISSP Official Practice Tests by Mike Chapple, David Seidl

404 Appendix ■ Answers


  9. B. A master boot record (MBR) virus redirects the boot process to load malware during
    the operating system loading process. File infector viruses infect one or more normal files
    stored on the system. Polymorphic viruses alter themselves to avoid detection. Service
    injection viruses compromise trusted components of the operating system.


  1. C. Multipartite viruses use multiple propagation mechanisms to spread between systems.
    This improves their likelihood of successfully infecting a system because it provides
    alternative infection mechanisms that may be successful against systems that are not
    vulnerable to the primary infection mechanism.

  2. C. Each of these problems is caused by improper or missing input validation and can be
    resolved by handling inputs properly. In many cases, this can be done using libraries or
    methods already built into the language or framework that the developer is using.

  3. D. Rapid Application Development, or RAD, focuses on fast development and the ability
    to quickly adjust to changing requirements. RAD uses four phases: requirements planning,
    user design, construction, and cutover.

  4. A. This code is an example of parameterization, which can help avoid SQL injection.
    Note that each parameter has a placeholder, which is then passed to the query.

  5. A. Limiting request rates can prevent abuse of APIs like this one. The other suggestions
    are all poor recommendations. In general, requests should require HTTPS, tokens are
    used for security using tools like JSON web tokens (JWT), and HTTP methods may be
    restricted, but GET, POST, and PUT are some of the most common methods used for API
    access and are far more typically whitelisted.
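As an added illustration of the parameterization answer in item 4 and the input-handling point in item 2 (example code written for this edit, not the book's own code): the same lookup written with string concatenation and with a bound placeholder, run against a constructed in-memory SQLite table.

```python
import sqlite3

# Constructed sample data for the demonstration; not from the book.
SAMPLE_USERS = [("alice", "admin"), ("bob", "user"), ("carol", "user")]


def make_db():
    """Build a throwaway in-memory database with a small users table."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, role TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)", SAMPLE_USERS)
    return conn


def lookup_concatenated(conn, username):
    """Vulnerable form: the untrusted value is spliced into the SQL text,
    so the database parser cannot distinguish data from query structure."""
    sql = "SELECT username FROM users WHERE username = '" + username + "'"
    return [row[0] for row in conn.execute(sql)]


def lookup_parameterized(conn, username):
    """Hardened form: the '?' placeholder is bound by the driver. The value
    is handed to the database as data and is never parsed as SQL."""
    sql = "SELECT username FROM users WHERE username = ?"
    return [row[0] for row in conn.execute(sql, (username,))]


def compare(username):
    """Run both forms on the same input and return (concatenated, parameterized)."""
    conn = make_db()
    try:
        return lookup_concatenated(conn, username), lookup_parameterized(conn, username)
    finally:
        conn.close()


if __name__ == "__main__":
    # A benign value behaves the same either way; a value containing a quote
    # changes the query's structure only in the concatenated version.
    for value in ("bob", "' OR '1'='1"):
        concat, param = compare(value)
        print(repr(value), "concatenated ->", concat, "| parameterized ->", param)
```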


Chapter 9: Practice Test

  1. C. NIST SP 800-53 discusses security control baselines as a list of security controls. CIS
    releases security baselines, and a baseline is a useful part of a threat management strategy
    and may contain a list of acceptable configuration items.

  2. B. A Content Distribution Network (CDN) is designed to provide reliable, low-latency,
    geographically distributed content distribution. In this scenario, a CDN is an ideal
    solution. A P2P CDN like BitTorrent isn’t a typical choice for a commercial entity,
    whereas redundant servers or a hot site can provide high availability but won’t provide the
    remaining requirements.

  3. D. A forensic disk controller performs four functions. One of those, write blocking,
    intercepts write commands sent to the device and prevents them from modifying data on
    the device. The other three functions include returning data requested by a read operation,
    returning access-significant information from the device, and reporting errors from the
    device back to the forensic host. The controller should not prevent read commands from
    being sent to the device because those commands may return crucial information.

  4. B. RAID 1, disk mirroring, requires two physical disks that will contain copies of the
    same data.