Week 8 - Web Attacks Flashcards

1
Q

What is a SQL injection attack?

A

When an attacker writes SQL code into a form that then gets executed by the server.

2
Q

How do you prevent a SQL injection attack?

A

Sanitise user input

3
Q

What is XSS?

A

Cross-site scripting. When an attacker submits JavaScript code through a form, which then leads to the server serving the malicious code to other users.

4
Q

How do you prevent XSS?

A

Sanitise user input

5
Q

What is path traversal?

A

When an attacker gains access to material they shouldn’t by typing in the path in the URL.

6
Q

How do you prevent path traversal attacks?

A

Make a user account for the web server and only give it access to public files.

7
Q

What is CSRF?

A

Cross-site request forgery. An innocent, trusted end user is tricked by the attacker into sending a request to a vulnerable web server.

8
Q

How do you prevent CSRF?

A

Check the value of the Referer header.
Every time a form is served, add an additional parameter with a token and check that it is valid upon submission.
