Computer Science: Cybersecurity Basics

Which pillar of the CIA triad ensures that sensitive information is only accessible to authorized individuals?

Confidentiality

Which component of the CIA triad focuses on protecting data from unauthorized modification or deletion to ensure its accuracy?

Integrity

Which CIA triad principle ensures that systems and data are accessible to authorized users when needed?

Availability

How does an attacker typically execute a SQL injection (SQLi) attack against a web application?

By inserting malicious SQL code into input fields that are later executed by the backend database.

What is the primary difference between Stored (Persistent) XSS and Reflected XSS?

Stored XSS involves malicious scripts permanently saved on the server, while Reflected XSS involves scripts bounced off a web server to a victim via a link.

Explain how a Cross-Site Request Forgery (CSRF) attack exploits the trust a site has in a user's browser.

It tricks a logged-in user's browser into sending an unauthorized request to a web application where the user is currently authenticated.

In a Man-in-the-Middle (MITM) attack, what is the attacker's primary objective regarding the communication channel?

To secretly intercept, and possibly alter, the communication between two parties who believe they are communicating directly.

What is the term for a social engineering attack where attackers send fraudulent emails to trick individuals into revealing sensitive information?

Phishing

What is the primary goal of a Distributed Denial of Service (DDoS) attack?

To overwhelm a target system's resources or bandwidth with a flood of traffic from multiple sources, making it unavailable to legitimate users.

Explain the mechanism of a stack-based buffer overflow and how it can lead to arbitrary code execution.

An attacker writes more data to a buffer than it can hold, overwriting adjacent memory, specifically the return address on the stack, to point to malicious code.