Web Security

Question 1

Cookies are created by ads that run on websites

Answer 1

trueP3L2

Question 2

Cookies are created by websites a user is visiting

Answer 2

trueP3L2

Question 3

Cookies are compiles pieces of code

Answer 3

falseP3L2

Question 4

Cookies can be used as a form of virus

Answer 4

falseP3L2

Question 5

Cookies can be used as a form of spyware

Answer 5

trueP3L2

Question 6

A web browser can be attacked by any website that it visits

Answer 6

trueP3L2

Question 7

Even if a browser of compromised, the rest of the computer is still secure

Answer 7

falseP3L2

Question 8

Web servers can be compromised because of exploits on web applications

Answer 8

trueP3L2

Question 9

When a user’s browser visits a compromised or malicious site, a malicious script is returned

Answer 9

trueP3L2

Question 10

To prevent XSS, any user input must be checked and preprocessed before it is used

Answer 10

trueP3L2

Question 11

Checking the HTTP referrer header to see if the request comes from an authorized page can protect against XSRF

Answer 11

trueP3L2

Question 12

Using a synchronizer token pattern where a token for each request is embedded by the web application in all HTML forms and verified on the server side can protect agains XSRF

Answer 12

trueP3L2

Question 13

Logging off immediately after using a web application can protect against XSRF

Answer 13

trueP3L2

Question 14

Not allowing the browser to save username/password and not allowing web sites to remember user login can protect against XSRF

Answer 14

trueP3L2

Question 15

Not using the same browser to access sensitive web sites and to surf the web freely can protect against XSRF

Answer 15

trueP3L2

Question 16

________ is the better way to prevent SQL injection

Answer 16

Whitelisting to allow only well-defined set of safe valuesP3L2