Desktop Application Desktop Application Security

Question 1

What type of attack injects malicious commands into a desktop application that passes user input to the operating system shell?

Accepted Answer

Command injection

Answer

SQL injection

Answer

Buffer overflow

Answer

Cross-site scripting

Question 2

What is the principle of 'least privilege' in desktop application security?

Accepted Answer

An application should request only the permissions it actually needs to function

Answer

Users should have the fewest features available by default

Answer

Applications should run at the lowest visual priority

Answer

Security updates should be minimal to avoid breaking changes

Question 3

What is a 'buffer overflow' vulnerability in a desktop application?

Accepted Answer

Writing more data to a memory buffer than it can hold, potentially allowing code execution

Answer

Running out of RAM while the application is open

Answer

Filling a database table beyond its capacity

Answer

Sending too many network requests simultaneously

Question 4

What does 'code signing' a desktop application accomplish?

Accepted Answer

It verifies the application's publisher identity and confirms the code hasn't been tampered with

Answer

It compresses the executable to reduce download size

Answer

It obfuscates source code to prevent reverse engineering

Answer

It enables the app to run with administrator privileges automatically

Question 5

Which type of malware disguises itself as a legitimate desktop application to gain unauthorized access?

Accepted Answer

Trojan horse

Answer

Worm

Answer

Ransomware

Answer

Adware

Question 6

What is the purpose of encrypting sensitive data stored locally by a desktop application?

Accepted Answer

To protect data from being read if the device is lost or accessed by unauthorized users

Answer

To speed up data retrieval from disk

Answer

To compress files to save storage space

Answer

To prevent the application from crashing