Week 5 Q's

Question 1

What is Information Disclosure?

A. A strategy to intentionally share information with users.

B. When a website purposely hides data from its visitors.

C. A situation where a website accidentally shows confidential data to users.

D. A marketing technique to gather user information.

Answer 1

C

Question 2

Which of the following is NOT a type of technical information that can be unintentionally disclosed?

A. User’s personal favourite colour.

B. Error Messages revealing database types.

C. Comments left in HTML or JavaScript source code.

D. Embedded Metadata in document files.

Answer 2

A

Question 3

Why are verbose error or debugging messages a concern for security?

A. They make the website load slower.

B. They can hint at expected data type or input and reveal underlying technologies.

C. They improve user experience by explaining errors in detail.

D. They consume additional server resources.

Answer 3

B

Question 4

When auditing a website, why is it crucial to observe variations in error messages?

A. Because they can provide entertainment.

B. Because they might show ads.

C. They indicate different backend processes and can hint at security gaps.

D. They help in improving website aesthetics.

Answer 4

C

Question 5

What is the primary goal of enumeration attacks?

A. To boost the website’s Search Engine Optimization (SEO).

B. To redesign the website’s user interface.

C. To verify the possibility of gathering valid usernames interacting with the authentication system.

D. To improve the website’s load time.

Answer 5

C