Q. If an attacker manages to get an application to execute an SQL query created by the attacker, then such attacks are called as _________

View solution

Q. An attack on a website that stores and displays text to a user is known as ______ attack

View solution

Q. The URL of the page that had the link that the user clicked to access the page is called as _____

View solution

Q. State true or false: Password leakage is a major security problem

View solution

Q. The system where two independent pieces of data are used to identify a user is called as ______

View solution

Q. What are man in the middle attacks?

View solution

Q. What are phishing attacks?

View solution

Q. What is the standard for exchanging authentication and authorization information between two different security domains?

View solution

Q. A log of all changes to the application data is called as __________

View solution

Q. Which of the following is a valid encryption technique?

View solution

Q. In _________________ attacks, the attacker manages to get an application to execute an SQL query created by the attacker.

View solution

Q. A Web site that allows users to enter text, such as a comment or a name, and then stores it and later displays it to other users, is potentially vulnerable to a kind of attack called a ___________________ attack.

View solution

Q. _________ is an attack which forces an end user to execute unwanted actions on a web application in which he/she is currently authenticated.

View solution

Q. Many applications use _________________, where two independent factors are used to identify a user.

View solution

Q. Even with two-factor authentication, users may still be vulnerable to_____________attacks.

View solution

Q. A single ______________ further allows the user to be authenticated once, and multiple applications can then verify the user’s identity through an authentication service without requiring reauthentication.

View solution

Q. The ___________________ is a standard for exchanging authentication and authorization information between different security domains, to provide cross-organization single sign-on.

View solution

Q. The __________ standard is an alternative for single sign-on across organizations, and has seen increasing acceptance in recent years.

View solution

Q. _______________ allows a system administrator to associate a function with a relation; the function returns a predicate that must be added to any query that uses the relation.

View solution

Q. VPD provides authorization at the level of specific tuples, or rows, of a relation, and is therefore said to be a _____________ mechanism.

View solution