Information Network & Security Quiz Chapter 8

Réussis tes devoirs et examens dès maintenant avec Quizwiz!

ensuring regular backups of the database are performed.

Database developers and administrators are responsible for:

cross-site scripting (XSS)

Hackers use ______ to execute arbitrary scripts through the web browser.

Penetration Testing

How can you ensure the confidentiality, integrity, and availability (CIA) of the web application and service?

persistent cross-site scripting

In a ______ attack, data that can modify how applications or services operate is downloaded (stored) onto the targeted server.

non-persistent cross-site scripting

In a _______ attack, the attacker attempts to use scripting commands in the URL itself, or through a device, such as a web form, to gain administrator, or some other elevated level of user privileges in an attempt tp force the victim's server to display the desired data on-screen.

Set the security level of DVWA to low

In the lab, what did you do before attempting the script tests that exposed the vulnerabilities?

penetration testing and security hardening

No production web application, whether it resides inside or outside of the firewall, should be implemented without:

hexadecimal character strings

Often hackers will use ______ to make the scripts even harder to detect.

the secure coding and testing of their application

Web application developers and software developers are responsible for:

If e-commerce or privacy data is entered into the web application

When is the company under additional compliance laws and standards to ensure the confidentiality of customer data?

SQL Injection attack

Which Web application attack is more likely to extract data elements out of a database?

Those that are poorly designed

Which of the following Web forms can be exploited to output passwords, credit card information, and other data?

SQL Injection

Which of the following allows valid SQL commands to run within a web form?

Cross-Site Scripting (XSS)

Which of the following becomes possible when a web form allows HTML or JavaScript code as valid input?

Monitor your SQl databases for unauthorized or abnormal SQL injections.

Which of the following is a security countermeasure that could be used to protect your production SQL databases against injection attacks?

Damn Vulnerable Web Application

Which of the following is a tool left intentionally vulnerable to aid security professionals in learning about web security?

Penetration Testing

Which of the following should be performed on a regular schedule and whenever the web application and service is modified?

Their likelihood can be reduced through regular testing.

Which of the following statements is true regarding SQL Injection attacks?

They are one of the most common web attacks

Which of the following statements is true regarding cross-site scripting (XSS) attacks?

Persistent cross-site scripting attack

Which type of attack is triggered by the victim?


Ensembles d'études connexes

A&P Chp 15: Inner Layer (Retina)

View Set

Unit 10 Chapter 12 Reconstruction

View Set

OPMA 9 Material Requirement Planning

View Set

Financial Management Graduate Course FGCU: Chapter 2

View Set

Operations Management Chapter 14

View Set

IASSC - Yellow Belt Practice Questions

View Set