Testout Chapter 9

You want to prevent your browser from running JavaScript commands that are potentially harmful. Which of the following would you restrict to accomplish this?

client-side scripts

A programmer who fails to check the length of input before processing leaves his code vulnerable to what form of common attack?

buffer overflow

Which of the following is an attack that injects malicious scripts into Web pages to redirect users to fake websites or gather personal information?

XSS

When you browse to a website, a pop-up window tells you that your computer has been infected with a virus. You click on the window to see what the problem is.

drive-by download

Having poor software development practices and failing to program input validation checks during development of custom software can result in a system vulnerable to which type of attack?

buffer overflow

Which type of attack is the act of exploiting a software program's free acceptance of input in order to execute arbitrary code on a target?

buffer overflow

An attacker inserts SQL database commands into a data input field of an order form used by a web-based application.

implementing client-side validation

While using a web-based order form, an attacker enters an unusually large value in the quantity field. The value she entered is so large that it exceeds the maximum value supported by the variable type used to store the quantity in the web application.

integer overflow

Flash exploitation

LSO exploit

Use of which of the following is a possible violation of privacy?

cookies

Which of the following is not true regarding cookies?

they operate within a security sandbox

Which of the following is a text file provided by a Web site to a client that is stored on a user's hard drive in order to track and record information about the user?

cookie

You want to allow e-commerce Web sites that you visit to keep track of your browsing history for shopping carts and other information, but want to prevent that information from being tracked by sites linked to the sites you explicitly visit. How should you configure the browser settings?

Allow first party cookies but block third-party cookies

To help prevent browser attacks, users of public computers should do which of the following?

clear the browser cache

You manage several Windows systems. Desktop users access an in-house application that is hosted on your intranet Web server. When a user clicks a specific option in the application, they receive an error message that the pop-up was blocked. You need to configure the security settings so that users can see the pop-up without compromising overall security. What should you do?

Add the URL of the Web site to the Local Intranet zone.

You manage several Windows systems. All computers are members of a domain. You use an internal website that uses Integrated Windows Authentication. You attempt to connect to the website and are prompted for authentication.

Add the internal website to the Local Intranet zone

You have been getting a lot of phishing e-mails sent from the domain Kenyan.msn.pl. Links within these e-mails open new browser windows at youneedit.com.pl

You want to make sure that these e-mails never reach your Inbox, but the e-mails from other senders are not affected. What should you do?

Add Kenyan.msn.pl to the e-mail blacklist.

Which type of malicious activity can be described as numerous unwanted and unsolicited e-mail messages sent to a wide range of victims?

spamming

An attacker sends an unwanted and unsolicited email message to multiple recipients with an attachment that contains malware.

spam

You want to use a protocol for encrypting e-mails that uses a PKI with X.509 certificates. Which method should you choose?

S/MIME

What is the most common means of virus distribution?

e-mail

You install a new Linux distribution on a server in your network.

open SMTP relay

Users in your organization receive email messages informing them that suspicious activity has been detected on their bank account.

phishing

What common design feature among Instant Messaging clients makes them more insecure than other means of communicating over the Internet?

peer-to-peer networking

What type of attack is most likely to succeed against communications between Instant Messaging clients?

sniffing

Instant Messaging does not provide which of the following?

privacy

Which of the following are disadvantages to server virtualization?

A compromise of the host system might affect multiple servers

You have a development machine that contains sensitive information relative to your business. You are concerned that spyware and malware installed while browsing websites could compromise your system or pose a confidentiality risk. Which of the following would best protect your system?

Run the browser within a virtual environment

Which of the following is an advantage of a virtual browser?

Protects the operating system from malicious downloads

Which of the following will enter random data to the inputs of an application?

fuzzing

Which of the following is specifically meant to ensure that a program operates on clean, correct and useful data?

input validation

During the application development cycle, an application tester creates multiple virtual machines on a hypervisor, each with a different version

configuration testing

During the application development cycle, a developer asks several of his peers to assess the portion of the application he was assigned to write.

code review

Testout Chapter 9 - Subjecto.com
