For a connection that changes from HTTP to HTTPS, what flaw arises if you do not change the session identifier?
Answer
Correct Answer:
Session Replay
What threat arises from not flagging HTTP cookies with tokens as secure?
Answer
Correct Answer:
Session Hijacking
For an indirect reference, what happens if there's no list of limited values authorized for a user in the direct reference?
Answer
Correct Answer:
Access to sensitive data possible
For every link or form which invokes state-changing functions with an unpredictable token for each user, what attack can be prevented?
Answer
Correct Answer:
Cross Site Request Forgery
Attack that exploits the trust that a site has in a user's browser
Answer
Correct Answer:
Cross Site Request Forgery
What flaw arises from session tokens having poor randomness across a range of values?
Answer
Correct Answer:
Session Hijacking
An IP Address is the Internet equivalent of
Answer
Correct Answer:
Your mailing address
What flaw can lead to exposure of resources or functionality to unintended actor?
Answer
Correct Answer:
Improper Authentication
An attack technique that forces a user's session credential or session ID to an explicit value.
Answer
Correct Answer:
Session Fixation
We can allow client side scripts to execute in the browsers for needed operations.
Answer
Correct Answer:
False
What is a cookie?
Answer
Correct Answer:
A file that makes it easier to access a Web site and browse
Network permissions should be established so that users can accomplish their tasks, but cannot access any system resources that are not necessary so that
Answer
Correct Answer:
Only the resources authorized for that user will be at risk
What is phishing?
Answer
Correct Answer:
Email Scam
What happens when an application takes user inputted data and sends it to a web browser without proper validation and escaping?
Answer
Correct Answer:
Cross Site Scripting
Which threat can be prevented by having unique usernames generated with a high degree of entropy?
Answer
Correct Answer:
Authentication bypass
For every link or form which invokes state-changing functions with an unpredictable token for each user, what attack can be prevented?
Answer
Correct Answer:
Cross Site Request Forgery
What flaw can lead to exposure of resources or functionality to unintended actors?
Answer
Correct Answer:
Improper Authentication
What is the attack technique used to exploit web sites by altering backend database queries through inputting manipulated queries?
Answer
Correct Answer:
SQL Injection
For an indirect reference, what happens if there’s no list of limited values authorized for a user in the direct reference?
Answer
Correct Answer:
Access to sensitive data possible
Which attack can execute scripts in the user’s browser and is capable of hijacking user sessions, defacing websites or redirecting the user to malicious sites?
Answer
Correct Answer:
Cross site scripting.