Attack Mitigations Flashcards

List mitigations for the attacks

1
Q

SQL Injection

A

1) Use prepared statements (with parameterised queries)
2) Use properly constructed stored procedures
3) Allow-list input validation
4) Escape all user-submitted input

2
Q

Reflected XSS

A
3
Q

Stored XSS

A
4
Q

Directory Traversal Attack / Path Traversal Attack

A

1) Input Validation & Sanitisation
- Whitelisting inputs
- Sanitising Input (remove/encode special characters)
2) Use secure APIs
3) Limit File Access
4) Configure the web server
- Disable Directory Listing
- Block access to Sensitive files
5) Use a WAF (Web Application Firewall)

5
Q

Local File Inclusion Attack

A
6
Q

Remote File Inclusion Attack

A

1) Input validation & sanitisation
2) Disable remote URL file inclusion
3) Hardcode file paths
4) Proper error handling to avoid leaking sensitive information to end users
5) WAF to identify and block inclusion attempts
6) Use security headers to restrict the sources from which content can be loaded and to prevent browsers from interpreting files as a MIME type other than the one declared
