HOD401 Chapter 13


6. __________ can be used to identify a web server. A. Session hijacking B. Banner grab C. Traversal D. Header analysis

B

9. What could be used to monitor application errors and violations on a web server or application? A. HIDS B. HIPS C. NIDS D. Logs

D

17. Groups and individuals who may hack a web server or web application based on principle or personal beliefs are known as __________. A. White hats B. Black hats C. Script kiddies D. Hacktivists

D

20. A common attack against web servers and web applications is __________. A. Banner grab B. Input validation C. Buffer validations D. Buffer overflow

D

4. Which of the following is used to access content outside the root of a website? A. Brute force B. Port scanning C. SQL injection D. Directory traversal

D

18. The Wayback Machine would be useful in viewing what type of information relating to a web application? A. Get Job postings B. Websites C. Archived versions of websites D. Backup copies of websites

C

8. Which of the following is used to set permissions on content in a website? A. HIDS B. ACE C. ACL D. ALS

C

11. A POODLE attack targets what exactly? A. SSL B. TLS C. VPN D. AES

A

12. What is used to store session information? A. Cookie B. Snoop C. Directory D. File

A

14. Which command would retrieve banner information from a website at port 80? A. nc 192.168.10.27 80 B. nc 192.168.19.27 443 C. nc 192.168.10.27 -p 80 D. nc 192.168.10.27 -p -l 80

A

15. How is a brute-force attack performed? A. By trying all possible combinations of characters B. By trying dictionary words C. By capturing hashes D. By comparing hashes

A

16. What is the command to retrieve header information from a web server using Telnet? A. telnet <website name> 80 B. telnet <website name> 443 C. telnet <website name> -port:80 D. telnet <website name> -port:443

A

19. What may be helpful in protecting the content on a web server from being viewed by unauthorized personnel? A. Encryption B. Permissions C. Redirection D. Firewalls

A

2. __________ is a client-side scripting language. A. JavaScript B. ASP C. ASP.NET D. PHP

A

7. In the field of IT security, the concept of defense in depth is layering more than one control on another. Why would this be helpful in the defense of a system against session hijacking? A. To provide better protection B. To build dependency among layers C. To increase logging ability D. To satisfy auditors

A

1. Which of the following best describes a web application? A. Code designed to be run on the client B. Code designed to be run on the server C. SQL code for databases D. Targeting of web services

B

13. Which attack can be used to take over a previous session? A. Cookie snooping B. Session hijacking C. Cookie hijacking D. Session sniffing

B

3. Which of the following is an example of a server-side scripting language? A. JavaScript B. PHP C. SQL D. HTML

B

5. Which of the following can prevent bad input from being presented to an application through a form? A. Request filtering B. Input validation C. Input scanning D. Directory traversing

B

10. Which of the following is an attribute used to secure a cookie? A. Encrypt B. Secure C. HttpOnly D. Domain

BCD

