Q. What is the standard for exchanging authentication and authorization information between two different security domains?

View solution

Q. A log of all changes to the application data is called as __________

View solution

Q. Which of the following is a valid encryption technique?

View solution

Q. In _________________ attacks, the attacker manages to get an application to execute an SQL query created by the attacker.

View solution

Q. A Web site that allows users to enter text, such as a comment or a name, and then stores it and later displays it to other users, is potentially vulnerable to a kind of attack called a ___________________ attack.

View solution

Q. _________ is an attack which forces an end user to execute unwanted actions on a web application in which he/she is currently authenticated.

View solution

Q. Many applications use _________________, where two independent factors are used to identify a user.

View solution

Q. Even with two-factor authentication, users may still be vulnerable to_____________attacks.

View solution

Q. A single ______________ further allows the user to be authenticated once, and multiple applications can then verify the user’s identity through an authentication service without requiring reauthentication.

View solution

Q. The ___________________ is a standard for exchanging authentication and authorization information between different security domains, to provide cross-organization single sign-on.

View solution

Q. The __________ standard is an alternative for single sign-on across organizations, and has seen increasing acceptance in recent years.

View solution

Q. _______________ allows a system administrator to associate a function with a relation; the function returns a predicate that must be added to any query that uses the relation.

View solution

Q. VPD provides authorization at the level of specific tuples, or rows, of a relation, and is therefore said to be a _____________ mechanism.

View solution