Tag: security

Questions Related to security

Cross Site Scripting is
technology security

  1. a mechanism of sharing scripts between two websites

  2. a code injection technique that exploits a security vulnerability occurring in the database layer of an application

  3. is a type of computer security vulnerability typically found in web applications that enables malicious attackers to inject client-side script into web pages viewed by other users.

  4. is a way to protect websites using JavaScripts

Show answer
Correct Option: C

SQL Injection is
technology security

  1. a code injection technique that exploits a security vulnerability occurring in the database layer of an application

  2. is a type of computer security vulnerability typically found in web applications that enables malicious attackers to inject client-side script into web pages viewed by other users

  3. is a way to allow users to query database using web

  4. is a latest way to fight against database security issues

Show answer
Correct Option: A

Cross-site request forgery
technology security

  1. is a type of computer security vulnerability typically found in web applications that enables malicious attackers to inject client-side script into web pages viewed by other users.

  2. is an attempt to make a computer resource unavailable to its intended users by sending invalid/forged requests

  3. is a form of attack on a database-driven Web site in which the attacker executes unauthorized SQL commands by taking advantage of insecure code on a system connected to the Internet

  4. is a type of malicious exploit of a website whereby unauthorized commands are transmitted from a user that the website trusts

Show answer
Correct Option: D

Denial of service
technology security

  1. is an action taken by server when invalid credentials are supplied by users

  2. is an action taken by firewall to prevent access to malicious users

  3. is an attempt to make a computer resource unavailable to its intended users

  4. is a way to prevent Cross Site Scripting attacks

Show answer
Correct Option: C

Social Engineering
technology security

  1. is the act of manipulating people into performing actions or divulging confidential information, rather than by breaking in or using technical hacking techniques (essentially a fancier, more technical way of lying).

  2. is a way to educate users about different security issues

  3. is a group formed by malicious users

  4. is a practice of engineering dealing with Social Security

Show answer
Correct Option: A

Most effective way to protect credentials in transit
technology security

  1. is by using complex passwords

  2. is to encrypt the entire login transaction using something like SSL

  3. is by not using public/shared PCs

  4. is by sending credentials by POST method

Show answer
Correct Option: B

It's OK to put sensitive information in HIDDEN form fields; after all, they're hidden.
technology security

  1. True

  2. False

Show answer
Correct Option: B

In what type of attack does an intruder manipulate a URL in such a way that the Web server executes or reveals the contents of a file anywhere on the server, including those lying outside the document root directory?
technology security

  1. cross-site scripting

  2. command injection

  3. path traversal attacks

  4. SQL injection

Show answer
Correct Option: C

Encrypted data is not at risk by keyloggers.
technology security

  1. True

  2. False

Show answer
Correct Option: B

Which of the following is NOT recommended for securing Web applications against authenticated users?
technology security

  1. Client-side data validation

  2. Running the application under least privileges necessary

  3. Filtering data with a default deny regular expression

  4. Using parameterized queries to access a database

Show answer
Correct Option: A