Web Security and forensics MCQs
- which attacks, the attacker manage’s to take control of the application to execute an SQL query created by the attacker…
a) SQL injection
b) Direct
c) SQL
d) Application
e) None of these
- A Web site that allows users to enter text, such as a comment or a name, and then stores it and laterdisplays it to other users, is potentially vulnerable to a kind of attack what attack is it…
a)Cross-site scoring scripting
b) Cross-site request forgery
c) Cross-site scripting
d) Two-factor authentication
e) None of these - Â Attack which forces a user(end user)to execute unwanted actions on a web application in which he/she
is currently authenticated…
a) Cross-site scoring scripting
b) Cross-site request forgery
c) Cross-site scripting
d) Two-factor authentication
e) None of these - Even with two-factor authentication, users are vulnerable to which attacks.
a) Man-in-the-middle
b) Cross attack
c) scripting
d) Radiant
e) None of these - which factor uses in many applications, where two independent factors are used to identify a user…
a) Cross-site scriptingb) Cross-site request forgery
c) Two-factor authentication
d) Cross-site scoring scripting
e) None of these -  The system that allows the user to be authenticated once and multiple applications can then verify the user’s identity through an authentication service without requiring reauthentication…
a) OpenID
b) Sign-on system
c) Security Assertion Markup Language
d) Virtual Private Database
e) None of these - Â which database is a standard for exchanging authentication and authorization information
between different security domains, to provide cross-organization …
a) OpenID
b) Security Assertion Markup Language
c) Sign-on system
d) Virtual Private Database
e) None of these - which id standard is an alternative for single sign-on across organizations, and has seen increasing acceptance in recent years…
a) OpenID
b) Single-site system
c) Security Assertion Markup Language
d) Virtual Private Database
e) None of these - which database allows a system administrator to associate a function with a relation the function returns a predicate that must be added to any query that uses the relation…
a)OpenID
b)Security Assertion Markup Language
c)Single-site system
d) Virtual Private Database
- VPD(virtual private database) provides authorization at the level of specific tuples, or rows, of a relation, and is therefore said to be a mechanism…
a) row-level authorization
b) Column-level authentication
c)Â authentication
d) Authorization security
e) None of these
