ITN-260 Chapter 3


What language below is used to view and manipulate data that is stored in a relational database? a. SML b. HTML c. SQL d. SGML

SQL

The default root directory of the Microsoft Internet Information Services (IIS) Web server is located at which directory below? a. C:\wwwroot b. /var/www c. C:\Inetpub\wwwroot d. /var/html

C:\Inetpub\wwwroot

XSS attacks occur when an attacker takes advantage of web applications that accept user input without validating it and then present it back to the user. True False

True

When TCP/IP was developed, the host table concept was expanded into a hierarchical name system for matching computer names and numbers using this service: a. SML b. HTML c. DNS d. ARP

c. DNS

Select below the string of characters that can be used to traverse up one directory level from the root directory: a. ./ b. %20/ c. ;/ d. xxs../

../

How can an attacker substitute a DNS address so that a computer is automatically redirected to another device? a. Phishing b. DNS marking c. DNS overloading d. DNS poisoning

DNS poisoning

What language below is designed to display data, with a primary focus on how the data looks? a. SML b. HTML c. SGML d. XML

HTML

What portion of the HTTP packet consists of fields that contain information about the characteristics of the data being transmitted? a. SSL header b. HTTP header c. XML header d. HTML header

HTTP header

On a compromised computer, you have found that a user without administrative privileges was able to perform a task limited to only administrative accounts. What type of exploit has occurred? a. Man-in-the-middle b. Privilege escalation c. DNS cache poisoning d. ARP poisoning

Privilege escalation

An attack in which the attacker attempts to impersonate the user by using his or her session token is known as: a. Session blocking b. Session spoofing c. Session hijacking d. Session replay

Session hijacking

Although traditional network security devices can block traditional network attacks, they cannot always block Web application attacks. True False

True

Because the XSS is a widely known attack, the number of Web sites that are vulnerable is very small. False True

True

What language below is for the transport and storage of data, with the focus on what the data is? a. SML b. HTML c. SGML d. XML

XML

Which type of attack below is similar to a passive man-in-the-middle attack? a. hijacking b. denial c. replay d. buffer overflow

replay

HTML uses which option below within embedded brackets (< >) causing a web browser to display text in a specific format? a. taps b. tags c. blocks d. marks

tags

Which SQL statement represents a SQL injection attempt to determine the names of different fields in a database? a. whatever; AND email IS NULL; -- b. whatever" AND email IS NULL; -- c. whatever' AND email IS NULL; -- d. whatever AND email IS NULL; --

whatever' AND email IS NULL; --

Which SQL statement represents a SQL injection attempt to determine the names of different fields in a database? a. whatever; AND email IS NULL; -- b. whatever' AND email IS NULL; -- c. whatever" AND email IS NULL; -- d. whatever AND email IS NULL; --

whatever' AND email IS NULL; --

Choose the SQL injection statement example below that could be used to find specific users: a. whatever' OR full_name = '%Mia%' b. whatever' OR full_name equals '%Mia%' c. whatever' OR full_name LIKE '%Mia%' d. whatever' OR full_name IS '%Mia%'

whatever' OR full_name LIKE '%Mia%'

Which SQL injection statement can be used to erase an entire database table? a. whatever'; DELETE TABLE members; -- b. whatever'; DROP TABLE members; -- c. whatever'; RENAME TABLE members; -- d. whatever'; UPDATE TABLE members; --

whatever'; DROP TABLE members; --

