ITN 261 ch 9 Final

Changing the content of a Web site with the intent of leaving a distinguishing mark or changing its appearance is __________.

Web site defacement

What security features should a session have?

unique identifier

What is Brutus?

A password cracker tool

Which of the following options is a useful defense against database attacks? Nonstandard ports Firewalls OS security

All of the above

Why are database attacks that inject data a concern for organizations? False data might be added Answers: False data might be added Malicious code could be injected Databases could be filled

All of the above

Which of the following challenges can a Frewall solve?

B. Protec±on against scanning

Inserting <script>action</script> is an example of what type of Web attack?

Cross-site scripting

What is XSS?

Cross-site scripting

What is a typical Web applica±on vulnerability?

Enabling dynamic content

Input valida±on is a result of SQL injec±ons.

False

The stability of a Web server does not depend on the opera±ng system.

False

The target of source code exploits is most o²en databases.

False

Browsers do not display which of the following?

Hidden felds

What can an insecure login system provide?

Information about the existence of a user

Which of the following are scrip±ng languages? (Choose two)

JavaScriptB. . VBScript

Which of these describes a database security problem that occurs when actions of database users are not properly tracked?

Limited audit log settings

Which of the following is used to audit databases?

NGSSquirrel

An attacker who adds commands to a database query has likely used ___________.

SQL injection

Which of the following is designed to exploit applicaTons that solicit the client to supply data that is processed in the form of SQL (Structured Query Language) statements?

SQL injecton