Header Ads Widget

Responsive Advertisement

Computer System Security Week 9 quiz Solution [Cyber Security course on Prutor.ai]

Here you will get all the assignment and quiz solutions of Computer System Security Course by prutor.ai under the category Cyber Security. Prutor is an online smart tutoring platform which provides various MOOC courses for student and organised by by IIT Kharagpur. At the end of each course student gets a certificate for sucessfull  completion of each course but throughout the course students have to pass all the weekly assignments and quizes.

 

Q:1. _________ is an attack which forces an end user to execute unwanted actions on a web application in which he/she is currently authenticated.

1. Two-factor authentication

2. Cross-site request forgery

3. Cross-site scripting

4. Cross-site scoring scripting

Answer:- 2. Cross-site request forgery


Q:2. _____ of home users that have broadband router with a default or no password (according to the lecture)

1. 85%

2. 64%

3. 50%

4. 45%

Answer:- 3. 50%


Q:3. Which of the following is a common source blocking?

1. Buggy User agents

2. User preference in browser

3. Network stripping by local machine

4. All of the above

Answer:- 4. All of the above

 

Q:4. Which of the following is a reason for mounting CSRF attack?

1. Network Connectivity

2. Read Browser State

3. Write Browser State

4. All of the above

Answer:- 4. All of the above


Q:5. To prevent CSRF, _______ validation should be used.

1. Referrer

2. Origin

3. Either A or B

4. None of the above

Answer:- 3. Either A or B


Q:6. What of the following is a website vulnerability?

1. SQL Injection

2. CSRF

3. Cross Side Scripting

4. All of the above

Answer:- 4. All of the above


Q:7. What happens when an application takes user inputted data and sends it to a web browser without proper validation and escaping?

1. Security Misconfiguration

2. Cross Site Scripting

3. Insecure Direct Object References

4. Broken Authentication and Session Management

Answer:- 2. Cross Site Scripting


Q:8. A Web site that allows users to enter text, such as a comment or a name, and then stores it and later display it to other users, is potentially vulnerable to a kind of attack called a ___________________ attack.

1. Two-factor authentication

2. Cross-site request forgery

3. Cross-site scripting

4. Cross-site scoring scripting

Answer:- 3. Cross-site scripting


Q:9. _________ is a method of injecting malicious code.

1. Stored XSS

2. Reflected XSS

3. DOM based attack

4. All of the above

Answer:- 4. All of the above


Q:10. In cross-site scripting where does the malicious script execute?

1. On the web server

2. In the user’s browser

3. On the attacker’s system

4. In the web app model code

Answer:- 2. In the user’s browser


Q:11. Which of the following is the best way to prevent a DOM-based XSS attack?

1. Set the HttpOnly flag in cookies

2. Ensure that session IDs are not exposed in a URL

3. Ensure that a different nonce is created for each request

4. Validate any input that comes from another Web site

Answer:- 4. Validate any input that comes from another Web site


Q:12. Which of the following is the best way to prevent malicious input exploiting your application?

1. Input validation using an allow List

2. Using encryption

3. Using table indirection

4. Using GET/POST parameters

Answer:- 1. Input validation using an allow List


Q:13. Which of the following is an advanced anti – XSS tool?

1. Dynamic Data Tainting

2. Static Analysis

3. Both A and B

4. None of the above

Answer:- 3. Both A and B


Q:14. Which of the following is a part of output filtering / encoding?

1. Remove / encode (X) HTML special chars

2. Allow only safe commands

3. Both A and B

4. None of the above

Answer:- 3. Both A and B


Q:15. Identify the correct statement with respect to ASP.NET output filtering?

1. Validate request

2. Javascript as scheme in URI

3. Javascript On{event} attributes (handlers)

4. All of the above

Answer:- 4. All of the above



Computer System Security 9th Week Solution is given below. the solution of Computer System Security 7rd Week Solution and all the answers are correct.

Post a Comment

0 Comments