Mitigate Web Application Vulnerabilities and Attacks Flashcards
An injection attack occurs when the attacker inserts malicious code through an application interface
Directory Traversal
A web application vulnerability that allows an attacker either to download a file from an arbitrary location on the host file system or to upload an executable or script file to open a backdoor
File Inclusion
An attacker executes a script to inject a remote file into the web app or website
Remote File Inclusion
An attacker adds a file to the web app or website that already exists on the hosting server
Local File Inclusion
A malicious script hosted on the attacker’s site or coded in a link injected onto a trusted site, designed to compromise clients browsing the trusted site by circumventing the browser’s security model of trusted zones
Cross-Site Scripting
An attack that inserts code into a back-end database used by the trusted site
Persistent XSS
An attack that exploits the client’s web browser using client-side scripts to modify the content and layout of a web page
Document Object Model (DOM) XSS
Structured Query Language (SQL) is used to select, insert, delete, or update data within a database
SQL Injection
Insertion of additional information or code through data input from a client to an application
Injection Attack
Attack consisting of the insertion or injection of an SQL query via input data from the client to a web application
SQL Injection
XML data submitted without encryption or input validation is vulnerable to spoofing, request forgery, and injection of arbitrary code
XML Vulnerabilities
XML encodes entities that expand to exponential sizes, consuming memory on the host and potentially crashing it
XML Bomb (Billion Laughs Attack)
An attack that embeds a request for a local resource
XML External Entity (XXE)
Any technique used to ensure that the data entered into a field or variable in an application is handled appropriately by that application
Input Validation
A string is stripped of illegal characters or substrings and converted to the accepted character set
Normalization
Attack method where input characters are encoded in such a way as to evade vulnerable input validation measures
Canonicalization Attack
Coding methods to sanitize output by converting untrusted input into a safe form, so that the input is displayed as data to the user without executing as code in the browser
Output Encoding
A technique that defends against SQL injection and insecure object references by incorporating placeholders in a SQL query
Parameterized Queries
A software-based attack where the goal is to assume the identity of a user, process, address, or other unique identifier
Spoofing
An attack where the attacker sits between two communicating hosts and transparently captures, monitors, and relays all communication between the hosts
Man-in-the-Middle Attack
Brute force attack in which multiple user accounts are tested with a dictionary of common passwords
Password Spraying
Brute force attack in which stolen user account names and passwords are tested against multiple websites
Credential Stuffing
A software vulnerability where the authentication mechanism allows an attacker to gain entry
▪ Weak password credentials
▪ Weak password reset methods
▪ Credential exposure
▪ Session hijacking
Broken Authentication
Session management is a fundamental security component in web applications
Session Management
Text file used to store information about a user when they visit a website
Cookie
Cookies that are stored in the browser cache until they are deleted by the user or pass a defined expiration date
Persistent Cookie
A type of spoofing attack where the attacker disconnects a host, then replaces it with his or her own machine, spoofing the original host’s IP address
Session Hijacking
A type of spoofing attack where the attacker attempts to predict the session token to hijack a session
Session Prediction Attacks
A malicious script hosted on the attacker’s site that can exploit a session started on another site in the same browser
Cross-Site Request Forgery (XSRF/CSRF)
Modifies the contents of a cookie after it has been generated and sent by the web service to the client’s browser, so that the newly modified cookie can be used to exploit vulnerabilities in the web app
Cookie Poisoning
A software vulnerability where an attacker is able to circumvent access controls and retrieve confidential or sensitive data from the file system or database
Sensitive Data Exposure
A type of hijacking attack that forces a user to unintentionally click a link that is embedded in or hidden by other web page elements
Clickjacking