II Chapter 9 - Web & Database Attacks
B. False
The stability of a Web server does not depend on the operating system. A. True B. False
B. False
The target of source code exploits is most often databases. A. True B. False
A. Enabling dynamic content
What is a typical Web application vulnerability? A. Enabling dynamic content B. Streaming video C. Applying scripting D. Lack of input validation
A. JavaScript C. VBScript
Which of the following are scripting languages? (choose two) A. JavaScript B. HTML C. VBScript D. SQLRecon
B. Protection against scanning
Which of the following challenges can a firewall solve? A. Protection against buffer overflows B. Protection against scanning C. Inadequate input validation D. Ability of a Web application to use nonstandard ports
B. SQL injection
Which of the following is designed to exploit applications that solicit the client to supply data that is processed in the form of SQL statements? A. Buffer overflows B. SQL injection C. Buffer injection D. Input validaton
C. NGSSquirrel
Which of the following is used to audit databases? A. Ping B. IPConfig C. NGSSquirrel D. XSS
B. Hidden fields
Browsers do not display which of the following? A. ActiveX B. Hidden fields C. Java D. JavaScript
B. False
Input validation is a result of SQL injections. A. True B. False