Tag: science & technology

Questions Related to science & technology

Out of the Following, which is one of the Injection Prevention Mechanisms ?
general knowledge science & technology

  1. Avoid Escape Special Characters

  2. Use of non Parameterized API

  3. Input Validation against Whitelist

  4. Avoid sending the wrong data at first place as request parameter.

Show answer
Correct Option: C

Out of the Following, which is not the Injection Prevention Mechanisms ?
general knowledge science & technology

  1. Escape special characters using the specific escape syntax for that interpreter

  2. Use of Parameterized API

  3. Avoid sending the wrong data at first place as request parameter.

  4. Input Validation using Whitelist

Show answer
Correct Option: C

"Attacker sends text- based attack data that exploit the interpreter in the browser". This is the example of :
general knowledge science & technology

  1. Injection

  2. Cross Site Request Forgery

  3. Cross Site Scripting

  4. Failure to Restrict URL Access

Show answer
Correct Option: C

"Cross Site Scripting" is one of the Web Risks which specifically targets :

general knowledge science & technology

  1. FileSystem

  2. Web Application

  3. Production Server

  4. Browser InterPretation

Show answer
Correct Option: D

User has used a computer in Cyber Café and has forgot to logout. Attacher comes and uses the same browser to work on the same Web Application. This kind of Scenarios come under:
general knowledge science & technology

  1. Broken Authorization

  2. Broken Authentication and Session Management

  3. Security Misconfiguration

  4. Cross Site Request Forgery

Show answer
Correct Option: B

Which is the Valid Scenario of Broken Authentication and Session Management.
general knowledge science & technology

  1. User able to access the page which he/she is not Authorised.

  2. Exposing Authentication/Session details as part of URL

  3. Sending Financial Data request as part of the request URL.

  4. None of the Above

Show answer
Correct Option: B

Which one is the example of "Insecure Direct Object References"
general knowledge science & technology

  1. Use of non Parameterized API

  2. Unauthorised access to any webpage /webdata directly or indirectly.

  3. Ignoring the updates to install.

  4. None of the Above.

Show answer
Correct Option: B

"Use per user or session indirect object references" is the methodology to prevent which kind of security risk ?
general knowledge science & technology

  1. Cross Site Request Forgery

  2. Broken Authentication and Session Management

  3. Insecure Direct Object Refrences

  4. Insecure Cryptographic Storage

Show answer
Correct Option: C

Attacker creates forged HTTP requests and tricks a victim into submitting them via image tags, XSS, or numerous other techniques. If the user is authenticated, the attack succeeds. This kind of attack comes under the risk of following security risk?
general knowledge science & technology

  1. Injection

  2. Cross Site Scripting

  3. Cross Site Request Forgery

  4. Security Misconfiguration

Show answer
Correct Option: C

Including the unique token in a hidden field can be an effective method for preventing this kind of risk:
general knowledge science & technology

  1. Insecure Direct Object References

  2. Insecure Cryptographic Storage

  3. Unvalidated Redirects and Forwards

  4. Cross-Site Request Forgery (CSRF)

Show answer
Correct Option: D