Cyb 240 Mod 1 Reading Quiz
__________ have the greatest scope and include vulnerability testing.
Audits
What question does a web application audit answer?
Is an organization implementing its web application policies correctly?
Which of the following is considered transport-level encryption?
TLS
Which of the following is not a main benefit of automated testing?
50 percent scope
What type of data is most useful when provided in a testing report?
Actionable Data
__________ refers to copies of recently viewed web pages and associated data that are stored on a local disk.
Cache
If IFrames are used in an application without any restriction on the source of the content, then a __________ attack can occur.
Clickjacking
Sending clear text on an unencrypted communications channel is susceptible to what?
Eavesdropping
Once testing is complete, what is the next step?
Fix the vulnerability identified in the testing
__________ is a form of one-way encryption.
Hashing
This part of a vulnerability assessment is usually done by an expert tester who utilizes several testing tools.
Manual Component
What is the first step of an audit?
NOT A retrospective of all the vulnerabilities
What type of data is most useful when provided in a testing report?
NOT Clear Data
Which is not a downside of manual testing?
NOT Expense
What question does a web application audit answer?
NOT What security weaknesses or vulnerabilities exist within an application?
__________ are among the most important elements of internet security.
Passwords
Which of the following is a standard security protocol for establishing an encrypted link between a web server and a web client?
SSL
If the __________ flag is set on a cookie, browsers will not submit the cookie in any requests that use an unencrypted HTTP connection.
Secure
The most reliable certificates are managed by what type of party?
Third
__________ vulnerability is caused by flaws in client-side scripting languages such as JavaScript and the HTML scripting language.
XSS