Computer System Security 9th Week Solution

4
2593
computer-system-security-9th-week-solution
computer-system-security-9th-week-solution

Disclaimer for ReGyan

If you require any more information or you have any problem regarding Copyright or have any questions about our site’s disclaimer, please feel free to contact us by email at [email protected].

Disclaimers for ReGyan

All the information on this website is published in good faith and for general information and educational purpose only. ReGyan does not make any warranties about the completeness, reliability, and accuracy of this information. Any action you take upon the information you find on this website (regyan.com), is strictly at your own risk. will not be liable for any losses and/or damages in connection with the use of our website.

 


Computer System Security 9th Week Solution is given below.

Q:1. _________ is an attack which forces an end user to execute unwanted actions on a web application in which he/she is currently authenticated.

1. Two-factor authentication

2. Cross-site request forgery

3. Cross-site scripting

4. Cross-site scoring scripting

Also See:- Sir Ratan Tata Scholarship 2020 Apply Online

Answer:- 2. Cross-site request forgery

Q:2. _____ of home users that have broadband router with a default or no password (according to the lecture)

1. 85%

2. 64%

3. 50%

4. 45%

Answer:- 3. 50%

Q:3. Which of the following is a common source blocking?

1. Buggy User agents

2. User preference in browser

3. Network stripping by local machine

4. All of the above




Answer:- 4. All of the above

PLEASE LIKE & SUBSCRIBE THIS YOUTUBE CHANNEL

Q:4. Which of the following is a reason for mounting CSRF attack?

1. Network Connectivity

2. Read Browser State

3. Write Browser State

4. All of the above

Answer:- 4. All of the above

Q:5. To prevent CSRF, _______ validation should be used.

1. Referrer

2. Origin

3. Either A or B

4. None of the above

Answer:- 3. Either A or B

Q:6. What of the following is a website vulnerability?

1. SQL Injection

2. CSRF

3. Cross Side Scripting

4. All of the above

Answer:- 4. All of the above

Q:7. What happens when an application takes user inputted data and sends it to a web browser without proper validation and escaping?

1. Security Misconfiguration

2. Cross Site Scripting

3. Insecure Direct Object References

4. Broken Authentication and Session Management




Answer:- 2. Cross Site Scripting

Q:8. A Web site that allows users to enter text, such as a comment or a name, and then stores it and later display it to other users, is potentially vulnerable to a kind of attack called a ___________________ attack.

1. Two-factor authentication

2. Cross-site request forgery

3. Cross-site scripting

4. Cross-site scoring scripting

Answer:- 3. Cross-site scripting

Q:9. _________ is a method of injecting malicious code.

1. Stored XSS

2. Reflected XSS

3. DOM based attack

4. All of the above

Also See:- UPPSC Recruitment 2020, 200 ACF/ RFO & Other Vacancies Apply Online




PLEASE LIKE & SUBSCRIBE THIS YOUTUBE CHANNEL

Answer:- 4. All of the above

Q:10. In cross-site scripting where does the malicious script execute?

1. On the web server

2. In the user’s browser

3. On the attacker’s system

4. In the web app model code

Answer:- 2. In the user’s browser

Q:11. Which of the following is the best way to prevent a DOM-based XSS attack?

1. Set the HttpOnly flag in cookies

2. Ensure that session IDs are not exposed in a URL

3. Ensure that a different nonce is created for each request

4. Validate any input that comes from another Web site

Answer:- 4. Validate any input that comes from another Web site

Q:12. Which of the following is the best way to prevent malicious input exploiting your application?

1. Input validation using an allow List

2. Using encryption

3. Using table indirection

4. Using GET/POST parameters




Answer:- 1. Input validation using an allow List

Q:13. Which of the following is an advanced anti – XSS tool?

1. Dynamic Data Tainting

2. Static Analysis

3. Both A and B

4. None of the above

Answer:- 3. Both A and B

Q:14. Which of the following is a part of output filtering / encoding?

1. Remove / encode (X) HTML special chars

2. Allow only safe commands

3. Both A and B

4. None of the above

Answer:- 3. Both A and B

Q:15. Identify the correct statement with respect to ASP.NET output filtering?

1. Validate request

2. Javascript as scheme in URI

3. Javascript On{event} attributes (handlers)

4. All of the above

PLEASE LIKE & SUBSCRIBE THIS YOUTUBE CHANNEL

Answer:- 4. All of the above




Computer System Security 9th Week Solution is given below. the solution of Computer System Security 7rd Week Solution and all the answers are correct.

4 COMMENTS

LEAVE A REPLY

Please enter your comment!
Please enter your name here