Revision Flashcards
1
Q
5 factors that have exacerbated security issues surrounding web apps
A
- user error
- phishing
- lack of multi factor authentication
- recycling of passwords between applications
- careless configuration by sys admin / developers
2
Q
Draw 7 layer OSI Model
A
- Application Layer
- Presentation Layer
- Session
- Transport
- Network
- Data link later
- Physical
3
Q
What are the 3 new OSI layer models?
A
- Government
- Organisation
- User
4
Q
What 4 parts does a HTTP request contain?
A
- Request line
- Several Headers
- Optional body message
- A mandatory blank line
Server type is exposed in the header
5
Q
HTTP is what type of protocol?
A
- message based
- statelesss
- operates by sending a message to the server
- receives a response in return
6
Q
List 6 other HTTP requests
A
- HEAD
- OPTION
- PUT
- TRACK
- TRACE
- DELETE
7
Q
List 2 main types of HTTP request
A
- GET
- POST
8
Q
What does the first line of a HTTP request comprise of?
A
- request method: GET or POST
- required resource: HTTP version (HTTP/1.0 or HTTP/1.1)
9
Q
Headers are on lines 2 - 4 of a GET request. What do they inform the server of?
A
- methods of encoding
- compression
- content types supports by the client
10
Q
User agent header is used for what 2?
A
- by the client browser to identify itself to the application
- differentiate between desktop and mobile devices
11
Q
What is line 6 used for in HTTP Get ?
A
- Host header
- used to identfiy which server the client is attempting to access
- 1 server can host multiple websites
12
Q
Connection header Line 7 of the HTTP request is used for what?
A
instructs the web server to either keep connection alive or close after current transaction
13
Q
Line 8 is used for what
A
cookies
14
Q
line 9 is used for what?
A
- mandatory blank line
- cr lf
15
Q
How does SQL injection occur?
A
- from a lack of encoding/escaping of user-controlled input
- when included in SQL queries.
