Never inserting untrusted data except in allowed locations can be used to mitigate which of the following attacks? (Select two answers.)
a. Buffer overflow
b. Cross-site request forgery (XSRF)
c. Cross-Site Scripting (XSS)
d. Input validation error
Answer: C & D.
"Never insert untrusted data except in allowed locations" is Rule #0 of the OWASP Cross-Site Scripting Prevention Cheat Sheet, so the attack it is written to mitigate is XSS (C). Untrusted data is only ever placed into a small set of slots (HTML element content, quoted attribute values, JavaScript data values, URL parameters), and it is encoded for the slot it lands in; it is never placed directly into a script block, an event-handler attribute, a style block, an HTML comment, or a tag or attribute name, because no encoding makes data safe in those locations. The same discipline is an input-handling control: data that the code never checked or encoded cannot reach an interpreter, which closes the class of input validation errors (D). Answer A is incorrect because a buffer overflow is a memory-safety defect in native code, caused by writing more data than a fixed-size buffer holds; it is mitigated by bounds checking, safe string functions and compiler or platform protections, not by controlling where data appears in a document. Answer B is incorrect because cross-site request forgery (XSRF) is an attack in which the browser of an authenticated user is made to submit unwanted requests to a web application; it is mitigated by anti-forgery tokens and SameSite cookies, not by output encoding. Note that the description sometimes given for XSS, a user visiting malware-tainted Site A unknowingly attacking Site B on the attacker's behalf, is really the mechanism of XSRF; XSS is the injection of attacker-controlled script into pages the application serves to other users, which can then hijack those users' sessions.
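Rule #0 in working code, as an added example that is not part of the original question or answer: a minimal template renderer (names, the `{{name:slot}}` placeholder syntax and the sample payload are all assumptions made for this illustration) that only allows untrusted data into two slots, element body and quoted attribute value, encodes for each slot, and refuses any other location. The `render_unsafe` function is the "before" version for comparison.

```python
"""Added example (not from the original page): OWASP XSS Prevention Rule #0,
"never insert untrusted data except in allowed locations", as a tiny renderer.
Untrusted values may only land in the slots listed in ALLOWED_SLOTS, each with
its own encoder; a placeholder naming any other slot is refused outright.
Placeholder syntax {{name:slot}} and all names below are assumptions."""
import html
import re
from typing import Callable, Dict


def encode_html_body(value: str) -> str:
    """Encoder for HTML element content: & < > " ' become entities."""
    return html.escape(value, quote=True)


def encode_html_attr(value: str) -> str:
    """Encoder for a quoted attribute value: everything that is not
    alphanumeric becomes &#xHH; so the value cannot close the quote."""
    return "".join(c if c.isalnum() else f"&#x{ord(c):x};" for c in value)


# The only locations where untrusted data is permitted, and the encoding each
# requires. Script bodies, event handlers, CSS, comments and tag/attribute
# names are deliberately absent: there is no safe encoding for them.
ALLOWED_SLOTS: Dict[str, Callable[[str], str]] = {
    "body": encode_html_body,
    "attr": encode_html_attr,
}

_PLACEHOLDER = re.compile(r"\{\{(\w+):(\w+)\}\}")


def render(template: str, untrusted: Dict[str, str]) -> str:
    """Hardened renderer: every placeholder must name an allowed slot, and the
    value is encoded for that slot before it is inserted."""
    def substitute(match: "re.Match[str]") -> str:
        name, slot = match.group(1), match.group(2)
        encoder = ALLOWED_SLOTS.get(slot)
        if encoder is None:
            raise ValueError(f"untrusted data is not allowed in slot {slot!r}")
        return encoder(untrusted[name])
    return _PLACEHOLDER.sub(substitute, template)


def render_unsafe(template: str, untrusted: Dict[str, str]) -> str:
    """The 'before' version: raw interpolation wherever the template asks.
    Kept deliberately vulnerable to show what Rule #0 prevents."""
    return _PLACEHOLDER.sub(lambda m: untrusted[m.group(1)], template)


# Constructed sample input: a classic reflected-XSS probe that tries to close
# an attribute/tag and start a script element.
PAYLOAD = '"><script>alert(1)</script>'
TEMPLATE = '<p>Hello {{user:body}}</p><a title="{{user:attr}}">profile</a>'


def demo() -> Dict[str, str]:
    """Returns the unsafe and hardened renderings side by side, plus the
    outcome of asking for a disallowed slot."""
    results = {
        "unsafe": render_unsafe(TEMPLATE, {"user": PAYLOAD}),
        "safe": render(TEMPLATE, {"user": PAYLOAD}),
    }
    try:
        render('<script>var u = "{{user:script}}";</script>', {"user": PAYLOAD})
        results["script_slot"] = "accepted"
    except ValueError as exc:
        results["script_slot"] = f"refused: {exc}"
    return results


if __name__ == "__main__":
    for label, value in demo().items():
        print(f"{label}: {value}")
```

The point of the example is the shape of the control, not the two encoders: the template author can only ask for slots the renderer knows how to encode, so a request to put user data inside a script element fails at render time instead of producing a page that executes the payload.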
Learn More:
Network Security
- The use of computer analysis techniques to gather evidence for criminal and/or civil trials is known as:
- To snare intruders, many organizations now use _________ techniques.
- A fundamental technique to determine if an intrusion is in progress in a stable network is: a. anomaly detection; b. armoring cable; c. RSA algorithm; d. patching; e. scanning a user's fingerprint. Answer: a. anomaly detection
- Which of the following is not a type of intrusion prevention system?
- Which of the following is not true about one-time passwords?
- Which of the following is a mode that is used by IPSec?
- IP Security Protocol:
- A __________ is a trusted organization that can vouch for the authenticity of the person or the organization using the authentication.
- __________ provide authentication which can legally prove who sent a message over a network.
- DES:
- A brute force attack against an encryption system:
- A symmetric encryption system has two parts: the key and the ____________.
- Encryption is the process of:
- A way to prevent intrusion by disguising information through algorithms is:
- Spyware, adware and DDOS agents are three types of:
- A security hole is a(n):
- A(n) _________ is a type of application level firewall that is transparent so that no other computer notices that it is on the network.
- A(n) ____________ acts as an intermediate host computer or gateway between the Internet and the rest of the organization's networks.
- IP spoofing means to:
- A(n) ____________ examines the source and destination address of every network packet that passes through it.
- A __________ is a router or special purpose computer that examines packets flowing into and out of a network and restricts access to the organization's network.
- __________ refers to the process of translating between one set of private addresses inside a network and a set of public addresses outside the network.
- With ANI security control, the network manager:
- The use of a(n) _________ prevents unauthorized intruders from accessing a computer network because the host or server will only permit access via inbound calling from prespecified phone numbers.
- A sniffer program is a: