Tag: security

Questions Related to security

Which of the following are worms that propagate through e-mail?
technology security

  1. Looksky worm

  2. Warhol worm

  3. Klez

  4. Sober

Show answer
Correct Option: A,C,D

Which of the following are XSS worms?

technology security

  1. Samy worm

  2. Bom Sabado

  3. SQL Slammer

  4. Sober worm

Show answer
Correct Option: A,B

The principle of least privilege as it applies to Access control mandates that:
technology security

  1. Group based access control should be implemented to assign permissions to application users

  2. Consistent authorization checking should be performed on all application pages

  3. A set of all allowable actions should be defined for each user role and all other's denied

  4. All failed access authorization requests should be logged to a secure location for review by administrators

Show answer
Correct Option: C

Which of the following is appropriate for customer emails regarding a limited time promotional offer?

technology security

  1. Request that the user authenticate him/herself by replying to the email with their account credentials.

  2. Personalized greeting line

  3. Providing easy access to the customer's account via a “Click Here” style link

  4. Sending the email from a domain set up specifically for the special offer

Show answer
Correct Option: B

Cross Site Scripting is an attack against

technology security

  1. Client (Browser)

  2. Database

  3. Web Application

  4. Web Server

Show answer
Correct Option: A

Which cookie flag, when set, will prevent their transmission over non secure channel?
technology security

  1. Secure

  2. Domain

  3. Expires

  4. Static

Show answer
Correct Option: A

The main risk to a web application in a cross site scripting attack is …
technology security

  1. Compromise of users

  2. Loss of data integrity

  3. Destruction of data

  4. None of the above

Show answer
Correct Option: A

Out of the following which can be considered as user input for which validation is not required
technology security

  1. Host Header

  2. Cookie

  3. Referrer Header

  4. None of the above

Show answer
Correct Option: D

Which languages are vulnerable to Cross Site Scripting attacks ?
technology security

  1. Java

  2. ASP.Net

  3. Perl

  4. All of the above

Show answer
Correct Option: D

What does “White List” data validation means?
technology security

  1. Data is validated against a list of values that are known to be valid

  2. Data is validated against a list of values that are known to be invalid

  3. Both of the above

  4. None of the above

Show answer
Correct Option: A